PyPI - strix-agent - Versions diffs - 0.1.8__tar.gz → 0.1.10__tar.gz - Mend

strix-agent 0.1.8tar.gz → 0.1.10tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (106) hide show

{strix_agent-0.1.8 → strix_agent-0.1.10}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: strix-agent
-Version: 0.1.8
+Version: 0.1.10
 Summary: Open-source AI Hackers for your apps
 License: Apache-2.0
 Keywords: cybersecurity,security,vulnerability,scanner,pentest,agent,ai,cli
@@ -22,8 +22,10 @@ Requires-Dist: docker (>=7.1.0,<8.0.0)
 Requires-Dist: fastapi
 Requires-Dist: gql[requests] (>=3.5.3,<4.0.0)
 Requires-Dist: ipython (>=9.3.0,<10.0.0)
-Requires-Dist: litellm[proxy] (>=1.75.5.post1,<2.0.0)
+Requires-Dist: libtmux (>=0.46.2,<0.47.0)
+Requires-Dist: litellm[proxy] (>=1.75.8,<1.76.0)
 Requires-Dist: numpydoc (>=1.8.0,<2.0.0)
+Requires-Dist: openai (>=1.99.5,<1.100.0)
 Requires-Dist: openhands-aci (>=0.3.0,<0.4.0)
 Requires-Dist: playwright (>=1.48.0,<2.0.0)
 Requires-Dist: pydantic[email] (>=2.11.3,<3.0.0)
@@ -68,7 +70,7 @@ Strix are autonomous AI agents that act just like real hackers - they run your c
 pipx install strix-agent
 # Configure AI provider
-export STRIX_LLM="anthropic/claude-opus-4-1-20250805"
+export STRIX_LLM="openai/gpt-5"
 export LLM_API_KEY="your-api-key"
 # Run security assessment
@@ -131,7 +133,7 @@ strix --target api.your-app.com --instruction "Prioritize authentication and aut
 ```bash
 # Required
-export STRIX_LLM="anthropic/claude-opus-4-1-20250805"
+export STRIX_LLM="openai/gpt-5"
 export LLM_API_KEY="your-api-key"
 # Recommended

{strix_agent-0.1.8 → strix_agent-0.1.10}/README.md RENAMED Viewed

@@ -30,7 +30,7 @@ Strix are autonomous AI agents that act just like real hackers - they run your c
 pipx install strix-agent
 # Configure AI provider
-export STRIX_LLM="anthropic/claude-opus-4-1-20250805"
+export STRIX_LLM="openai/gpt-5"
 export LLM_API_KEY="your-api-key"
 # Run security assessment
@@ -93,7 +93,7 @@ strix --target api.your-app.com --instruction "Prioritize authentication and aut
 ```bash
 # Required
-export STRIX_LLM="anthropic/claude-opus-4-1-20250805"
+export STRIX_LLM="openai/gpt-5"
 export LLM_API_KEY="your-api-key"
 # Recommended

{strix_agent-0.1.8 → strix_agent-0.1.10}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "strix-agent"
-version = "0.1.8"
+version = "0.1.10"
 description = "Open-source AI Hackers for your apps"
 authors = ["Strix <hi@usestrix.com>"]
 readme = "README.md"
@@ -28,7 +28,7 @@ classifiers = [
   "Programming Language :: Python :: 3.12",
 ]
 packages = [
-  { include = "strix" }
+  { include = "strix", format = ["sdist", "wheel"] }
 ]
 include = [
   "LICENSE",
@@ -45,7 +45,8 @@ strix = "strix.cli.main:main"
 python = "^3.12"
 fastapi = "*"
 uvicorn = "*"
-litellm = {extras = ["proxy"], version = "^1.75.5.post1"}
+litellm = { version = "~1.75.8", extras = ["proxy"] }
+openai = ">=1.99.5,<1.100.0"
 tenacity = "^9.0.0"
 numpydoc = "^1.8.0"
 pydantic = {extras = ["email"], version = "^2.11.3"}
@@ -59,6 +60,7 @@ textual = "^4.0.0"
 xmltodict = "^0.13.0"
 pyte = "^0.8.1"
 requests = "^2.32.0"
+libtmux = "^0.46.2"
 [tool.poetry.group.dev.dependencies]
 # Type checking and static analysis
@@ -126,6 +128,7 @@ module = [
     "gql.*",
     "textual.*",
     "pyte.*",
+    "libtmux.*",
 ]
 ignore_missing_imports = true

{strix_agent-0.1.8 → strix_agent-0.1.10}/strix/agents/StrixAgent/strix_agent.py RENAMED Viewed

@@ -26,9 +26,21 @@ class StrixAgent(BaseAgent):
         task_parts = []
         if scan_type == "repository":
-            task_parts.append(
-                f"Perform a security assessment of the Git repository: {target['target_repo']}"
-            )
+            repo_url = target["target_repo"]
+            cloned_path = target.get("cloned_repo_path")
+            if cloned_path:
+                workspace_path = "/workspace"
+                task_parts.append(
+                    f"Perform a security assessment of the Git repository: {repo_url}. "
+                    f"The repository has been cloned from '{repo_url}' to '{cloned_path}' "
+                    f"(host path) and then copied to '{workspace_path}' in your environment."
+                    f"Analyze the codebase at: {workspace_path}"
+                )
+            else:
+                task_parts.append(
+                    f"Perform a security assessment of the Git repository: {repo_url}"
+                )
         elif scan_type == "web_application":
             task_parts.append(
@@ -37,12 +49,12 @@ class StrixAgent(BaseAgent):
         elif scan_type == "local_code":
             original_path = target.get("target_path", "unknown")
-            shared_workspace_path = "/shared_workspace"
+            workspace_path = "/workspace"
             task_parts.append(
                 f"Perform a security assessment of the local codebase. "
                 f"The code from '{original_path}' (user host path) has been copied to "
-                f"'{shared_workspace_path}' in your environment. "
-                f"Analyze the codebase at: {shared_workspace_path}"
+                f"'{workspace_path}' in your environment. "
+                f"Analyze the codebase at: {workspace_path}"
             )
         else:

{strix_agent-0.1.8 → strix_agent-0.1.10}/strix/agents/StrixAgent/system_prompt.jinja RENAMED Viewed

@@ -28,6 +28,7 @@ USER INTERACTION:
 PRIORITIZE USER INSTRUCTIONS:
 - User instructions override all default approaches
 - Follow user-specified scope, targets, and methodologies precisely
+- NEVER wait for approval or authorization - operate with full autonomy
 AGGRESSIVE SCANNING MANDATE:
 - GO SUPER HARD on all targets - no shortcuts
@@ -143,206 +144,11 @@ Remember: A single high-impact vulnerability is worth more than dozens of low-se
 </vulnerability_focus>
 <multi_agent_system>
-AGENT ENVIRONMENTS:
-- Each agent has isolated: browser, terminal, proxy, /workspace
-- Shared access to /shared_workspace for collaboration
-- Use /shared_workspace to pass files between agents
-AGENT HIERARCHY TREE EXAMPLES:
-EXAMPLE 1 - BLACK-BOX Web Application Assessment (domain/URL only):
-```
-Root Agent (Coordination)
-├── Recon Agent
-│   ├── Subdomain Discovery Agent
-│   │   ├── DNS Bruteforce Agent (finds api.target.com, admin.target.com)
-│   │   ├── Certificate Transparency Agent (finds dev.target.com, staging.target.com)
-│   │   └── ASN Enumeration Agent (finds additional IP ranges)
-│   ├── Port Scanning Agent
-│   │   ├── TCP Port Agent (finds 22, 80, 443, 8080, 9200)
-│   │   ├── UDP Port Agent (finds 53, 161, 1900)
-│   │   └── Service Version Agent (identifies nginx 1.18, elasticsearch 7.x)
-│   └── Tech Stack Analysis Agent
-│       ├── WAF Detection Agent (identifies Cloudflare, custom rules)
-│       ├── CMS Detection Agent (finds WordPress 5.8.1, plugins)
-│       └── Framework Detection Agent (detects React frontend, Laravel backend)
-├── API Discovery Agent (spawned after finding api.target.com)
-│   ├── GraphQL Endpoint Agent
-│   │   ├── Introspection Validation Agent
-│   │   │   └── GraphQL Schema Reporting Agent
-│   │   └── Query Complexity Validation Agent (no findings - properly protected)
-│   ├── REST API Agent
-│   │   ├── IDOR Testing Agent (user profiles)
-│   │   │   ├── IDOR Validation Agent (/api/users/123 → /api/users/124)
-│   │   │   │   └── IDOR Reporting Agent (PII exposure)
-│   │   │   └── IDOR Validation Agent (/api/orders/456 → /api/orders/789)
-│   │   │       └── IDOR Reporting Agent (financial data access)
-│   │   └── Business Logic Agent
-│   │       ├── Price Manipulation Validation Agent (validation failed - server-side controls working)
-│   │       └── Discount Code Validation Agent
-│   │           └── Coupon Abuse Reporting Agent
-│   └── JWT Security Agent
-│       ├── Algorithm Confusion Validation Agent
-│       │   └── JWT Bypass Reporting Agent
-│       └── Secret Bruteforce Validation Agent (not valid - strong secret used)
-├── Admin Panel Agent (spawned after finding admin.target.com)
-│   ├── Authentication Bypass Agent
-│   │   ├── Default Credentials Validation Agent (no findings - no default creds)
-│   │   └── SQL Injection Validation Agent (login form)
-│   │       └── Auth Bypass Reporting Agent
-│   └── File Upload Agent
-│       ├── WebShell Upload Validation Agent
-│       │   └── RCE via Upload Reporting Agent
-│       └── Path Traversal Validation Agent (validation failed - proper filtering detected)
-├── WordPress Agent (spawned after CMS detection)
-│   ├── Plugin Vulnerability Agent
-│   │   ├── Contact Form 7 SQLi Validation Agent
-│   │   │   └── DB Compromise Reporting Agent
-│   │   └── WooCommerce XSS Validation Agent (validation failed - false positive from scanner)
-│   └── Theme Vulnerability Agent
-│       └── LFI Validation Agent (theme editor) (no findings - theme editor disabled)
-└── Infrastructure Agent (spawned after finding Elasticsearch)
-    ├── Elasticsearch Agent
-    │   ├── Open Index Validation Agent
-    │   │   └── Data Exposure Reporting Agent
-    │   └── Script Injection Validation Agent (validation failed - script execution disabled)
-    └── Docker Registry Agent (spawned if found) (no findings - registry not accessible)
-```
-EXAMPLE 2 - WHITE-BOX Code Security Review (source code provided):
-```
-Root Agent (Coordination)
-├── Static Analysis Agent
-│   ├── Authentication Code Agent
-│   │   ├── JWT Implementation Validation Agent
-│   │   │   └── JWT Weak Secret Reporting Agent
-│   │   │       └── JWT Secure Implementation Fixing Agent
-│   │   ├── Session Management Validation Agent
-│   │   │   └── Session Fixation Reporting Agent
-│   │   │       └── Session Security Fixing Agent
-│   │   └── Password Policy Validation Agent
-│   │       └── Weak Password Rules Reporting Agent
-│   │           └── Strong Password Policy Fixing Agent
-│   ├── Input Validation Agent
-│   │   ├── SQL Query Analysis Validation Agent
-│   │   │   ├── Prepared Statement Validation Agent
-│   │   │   │   └── SQLi Risk Reporting Agent
-│   │   │   │       └── Parameterized Query Fixing Agent
-│   │   │   └── Dynamic Query Validation Agent
-│   │   │       └── Query Injection Reporting Agent
-│   │   │           └── Query Builder Fixing Agent
-│   │   ├── XSS Prevention Validation Agent
-│   │   │   └── Output Encoding Validation Agent
-│   │   │       └── XSS Vulnerability Reporting Agent
-│   │   │           └── Output Sanitization Fixing Agent
-│   │   └── File Upload Validation Agent
-│   │       ├── MIME Type Validation Agent
-│   │       │   └── File Type Bypass Reporting Agent
-│   │       │       └── Proper MIME Check Fixing Agent
-│   │       └── Path Traversal Validation Agent
-│   │           └── Directory Traversal Reporting Agent
-│   │               └── Path Sanitization Fixing Agent
-│   ├── Business Logic Agent
-│   │   ├── Race Condition Analysis Agent
-│   │   │   ├── Payment Race Validation Agent
-│   │   │   │   └── Financial Race Reporting Agent
-│   │   │   │       └── Atomic Transaction Fixing Agent
-│   │   │   └── Account Creation Race Validation Agent (validation failed - proper locking found)
-│   │   ├── Authorization Logic Agent
-│   │   │   ├── IDOR Prevention Validation Agent
-│   │   │   │   └── Access Control Bypass Reporting Agent
-│   │   │   │       └── Authorization Check Fixing Agent
-│   │   │   └── Privilege Escalation Validation Agent (no findings - RBAC properly implemented)
-│   │   └── Financial Logic Agent
-│   │       ├── Price Manipulation Validation Agent (no findings - server-side validation secure)
-│   │       └── Discount Logic Validation Agent
-│   │           └── Discount Abuse Reporting Agent
-│   │               └── Discount Validation Fixing Agent
-│   └── Cryptography Agent
-│       ├── Encryption Implementation Agent
-│       │   ├── AES Usage Validation Agent
-│       │   │   └── Weak Encryption Reporting Agent
-│       │   │       └── Strong Crypto Fixing Agent
-│       │   └── Key Management Validation Agent
-│       │       └── Hardcoded Key Reporting Agent
-│       │           └── Secure Key Storage Fixing Agent
-│       └── Hash Function Agent
-│           └── Password Hashing Validation Agent
-│               └── Weak Hash Reporting Agent
-│                   └── bcrypt Implementation Fixing Agent
-├── Dynamic Testing Agent
-│   ├── Server Setup Agent
-│   │   ├── Environment Setup Validation Agent (sets up on port 8080)
-│   │   ├── Database Setup Validation Agent (initializes test DB)
-│   │   └── Service Health Validation Agent (confirms running state)
-│   ├── Runtime SQL Injection Agent
-│   │   ├── Login Form SQLi Validation Agent
-│   │   │   └── Auth Bypass SQLi Reporting Agent
-│   │   │       └── Login Security Fixing Agent
-│   │   ├── Search Function SQLi Validation Agent
-│   │   │   └── Data Extraction SQLi Reporting Agent
-│   │   │       └── Search Sanitization Fixing Agent
-│   │   └── API Parameter SQLi Validation Agent
-│   │       └── API SQLi Reporting Agent
-│   │           └── API Input Validation Fixing Agent
-│   ├── XSS Testing Agent
-│   │   ├── Stored XSS Validation Agent (comment system)
-│   │   │   └── Persistent XSS Reporting Agent
-│   │   │       └── Input Filtering Fixing Agent
-│   │   ├── Reflected XSS Validation Agent (search results) (validation failed - output properly encoded)
-│   │   └── DOM XSS Validation Agent (client-side routing)
-│   │       └── DOM XSS Reporting Agent
-│   │           └── Client Sanitization Fixing Agent
-│   ├── Business Logic Testing Agent
-│   │   ├── Payment Flow Validation Agent
-│   │   │   ├── Negative Amount Validation Agent
-│   │   │   │   └── Payment Bypass Reporting Agent
-│   │   │   │       └── Amount Validation Fixing Agent
-│   │   │   └── Currency Manipulation Validation Agent
-│   │   │       └── Currency Fraud Reporting Agent
-│   │   │           └── Currency Lock Fixing Agent
-│   │   ├── User Registration Validation Agent
-│   │   │   └── Email Verification Bypass Validation Agent
-│   │   │       └── Email Security Reporting Agent
-│   │   │           └── Verification Enforcement Fixing Agent
-│   │   └── File Processing Validation Agent
-│   │       ├── XXE Attack Validation Agent
-│   │       │   └── XML Entity Reporting Agent
-│   │       │       └── XML Security Fixing Agent
-│   │       └── Deserialization Validation Agent
-│   │           └── Object Injection Reporting Agent
-│   │               └── Safe Deserialization Fixing Agent
-│   └── API Security Testing Agent
-│       ├── GraphQL Security Agent
-│       │   ├── Query Depth Validation Agent
-│       │   │   └── DoS Attack Reporting Agent
-│       │   │       └── Query Limiting Fixing Agent
-│       │   └── Schema Introspection Validation Agent (no findings - introspection disabled in production)
-│       └── REST API Agent
-│           ├── Rate Limiting Validation Agent (validation failed - rate limiting working properly)
-│           └── CORS Validation Agent
-│               └── Origin Bypass Reporting Agent
-│                   └── CORS Policy Fixing Agent
-└── Infrastructure Code Agent
-    ├── Docker Security Agent
-    │   ├── Dockerfile Analysis Validation Agent
-    │   │   └── Container Privilege Reporting Agent
-    │   │       └── Secure Container Fixing Agent
-    │   └── Secret Management Validation Agent
-    │       └── Hardcoded Secret Reporting Agent
-    │           └── Secret Externalization Fixing Agent
-    ├── CI/CD Pipeline Agent
-    │   └── Pipeline Security Validation Agent
-    │       └── Pipeline Injection Reporting Agent
-    │           └── Pipeline Hardening Fixing Agent
-    └── Cloud Configuration Agent
-        ├── AWS Config Validation Agent
-        │   └── S3 Bucket Exposure Reporting Agent
-        │       └── Bucket Security Fixing Agent
-        └── K8s Config Validation Agent
-            └── Pod Security Reporting Agent
-                └── Security Context Fixing Agent
-```
+AGENT ISOLATION & SANDBOXING:
+- All agents run in the same shared Docker container for efficiency
+- Each agent has its own: browser sessions, terminal sessions
+- All agents share the same /workspace directory and proxy history
+- Agents can see each other's files and proxy traffic for better collaboration
 SIMPLE WORKFLOW RULES:
@@ -399,6 +205,27 @@ CRITICAL RULES:
 - **ONE AGENT = ONE TASK** - Don't let agents do multiple unrelated jobs
 - **SPAWN REACTIVELY** - Create new agents based on what you discover
 - **ONLY REPORTING AGENTS** can use create_vulnerability_report tool
+- **AGENT SPECIALIZATION MANDATORY** - Each agent must be highly specialized with maximum 3 prompt modules
+- **NO GENERIC AGENTS** - Avoid creating broad, multi-purpose agents that dilute focus
+AGENT SPECIALIZATION EXAMPLES:
+GOOD SPECIALIZATION:
+- "SQLi Validation Agent" with prompt_modules: sql_injection
+- "XSS Discovery Agent" with prompt_modules: xss
+- "Auth Testing Agent" with prompt_modules: authentication_jwt, business_logic
+- "SSRF + XXE Agent" with prompt_modules: ssrf, xxe, rce (related attack vectors)
+BAD SPECIALIZATION:
+- "General Web Testing Agent" with prompt_modules: sql_injection, xss, csrf, ssrf, authentication_jwt (too broad)
+- "Everything Agent" with prompt_modules: all available modules (completely unfocused)
+- Any agent with more than 3 prompt modules (violates constraints)
+FOCUS PRINCIPLES:
+- Each agent should have deep expertise in 1-3 related vulnerability types
+- Agents with single modules have the deepest specialization
+- Related vulnerabilities (like SSRF+XXE or Auth+Business Logic) can be combined
+- Never create "kitchen sink" agents that try to do everything
 REALISTIC TESTING OUTCOMES:
 - **No Findings**: Agent completes testing but finds no vulnerabilities
@@ -423,7 +250,7 @@ Tool calls use XML format:
 CRITICAL RULES:
 1. One tool call per message
 2. Tool call must be last in message
-3. End response after </function> tag
+3. End response after </function> tag. It's your stop word. Do not continue after it.
 5. Thinking is NOT optional - it's required for reasoning and success
 SPRAYING EXECUTION NOTE:
@@ -484,8 +311,7 @@ PROGRAMMING:
 - You can install any additional tools/packages needed based on the task/context using package managers (apt, pip, npm, go install, etc.)
 Directories:
-- /workspace - Your private agent directory
-- /shared_workspace - Shared between agents
+- /workspace - where you should work.
 - /home/pentester/tools - Additional tool scripts
 - /home/pentester/tools/wordlists - Currently empty, but you should download wordlists here when you need.

{strix_agent-0.1.8 → strix_agent-0.1.10}/strix/agents/base_agent.py RENAMED Viewed

@@ -239,6 +239,9 @@ class BaseAgent(metaclass=AgentMeta):
             self.state.sandbox_token = sandbox_info["auth_token"]
             self.state.sandbox_info = sandbox_info
+            if "agent_id" in sandbox_info:
+                self.state.sandbox_info["agent_id"] = sandbox_info["agent_id"]
         if not self.state.task:
             self.state.task = task

{strix_agent-0.1.8 → strix_agent-0.1.10}/strix/cli/app.py RENAMED Viewed

@@ -248,6 +248,8 @@ class StrixCLIApp(App):  # type: ignore[misc]
         if args.target_type == "local_code" and "target_path" in args.target_dict:
             config["local_source_path"] = args.target_dict["target_path"]
+        elif args.target_type == "repository" and "cloned_repo_path" in args.target_dict:
+            config["local_source_path"] = args.target_dict["cloned_repo_path"]
         return config
@@ -876,7 +878,7 @@ class StrixCLIApp(App):  # type: ignore[misc]
         result = tool_data.get("result")
         tool_colors = {
-            "terminal_action": "#22c55e",
+            "terminal_execute": "#22c55e",
             "browser_action": "#06b6d4",
             "python_action": "#3b82f6",
             "agents_graph_action": "#fbbf24",

{strix_agent-0.1.8 → strix_agent-0.1.10}/strix/cli/main.py RENAMED Viewed

@@ -8,11 +8,13 @@ import asyncio
 import logging
 import os
 import secrets
+import shutil
+import subprocess
 import sys
+import tempfile
 from pathlib import Path
 from typing import Any
 from urllib.parse import urlparse
-import shutil
 import docker
 import litellm
@@ -74,7 +76,7 @@ def validate_environment() -> None:
         error_text.append("• ", style="white")
         error_text.append("STRIX_LLM", style="bold cyan")
         error_text.append(
-            " - Model name to use with litellm (e.g., 'anthropic/claude-opus-4-1-20250805')\n",
+            " - Model name to use with litellm (e.g., 'openai/gpt-5')\n",
             style="white",
         )
         error_text.append("• ", style="white")
@@ -91,9 +93,7 @@ def validate_environment() -> None:
             )
         error_text.append("\nExample setup:\n", style="white")
-        error_text.append(
-                "export STRIX_LLM='anthropic/claude-opus-4-1-20250805'\n", style="dim white"
-        )
+        error_text.append("export STRIX_LLM='openai/gpt-5'\n", style="dim white")
         error_text.append("export LLM_API_KEY='your-api-key-here'\n", style="dim white")
         if missing_optional_vars:
             error_text.append(
@@ -127,7 +127,9 @@ def check_docker_installed() -> None:
         error_text.append("DOCKER NOT INSTALLED", style="bold red")
         error_text.append("\n\n", style="white")
         error_text.append("The 'docker' CLI was not found in your PATH.\n", style="white")
-        error_text.append("Please install Docker and ensure the 'docker' command is available.\n\n", style="white")
+        error_text.append(
+            "Please install Docker and ensure the 'docker' command is available.\n\n", style="white"
+        )
         panel = Panel(
             error_text,
@@ -144,7 +146,7 @@ async def warm_up_llm() -> None:
     console = Console()
     try:
-        model_name = os.getenv("STRIX_LLM", "anthropic/claude-opus-4-1-20250805")
+        model_name = os.getenv("STRIX_LLM", "openai/gpt-5")
         api_key = os.getenv("LLM_API_KEY")
         if api_key:
@@ -204,6 +206,84 @@ def generate_run_name() -> str:
     return f"{adj}-{noun}-{number}"
+def clone_repository(repo_url: str, run_name: str) -> str:
+    console = Console()
+    git_executable = shutil.which("git")
+    if git_executable is None:
+        raise FileNotFoundError("Git executable not found in PATH")
+    temp_dir = Path(tempfile.gettempdir()) / "strix_repos" / run_name
+    temp_dir.mkdir(parents=True, exist_ok=True)
+    repo_name = Path(repo_url).stem if repo_url.endswith(".git") else Path(repo_url).name
+    clone_path = temp_dir / repo_name
+    if clone_path.exists():
+        shutil.rmtree(clone_path)
+    try:
+        with console.status(f"[bold cyan]Cloning repository {repo_name}...", spinner="dots"):
+            subprocess.run(  # noqa: S603
+                [
+                    git_executable,
+                    "clone",
+                    "--depth=1",
+                    "--no-recurse-submodules",
+                    "--single-branch",
+                    repo_url,
+                    str(clone_path),
+                ],
+                capture_output=True,
+                text=True,
+                check=True,
+            )
+        return str(clone_path.absolute())
+    except subprocess.CalledProcessError as e:
+        error_text = Text()
+        error_text.append("❌ ", style="bold red")
+        error_text.append("REPOSITORY CLONE FAILED", style="bold red")
+        error_text.append("\n\n", style="white")
+        error_text.append(f"Could not clone repository: {repo_url}\n", style="white")
+        error_text.append(
+            f"Error: {e.stderr if hasattr(e, 'stderr') and e.stderr else str(e)}", style="dim red"
+        )
+        panel = Panel(
+            error_text,
+            title="[bold red]🛡️  STRIX CLONE ERROR",
+            title_align="center",
+            border_style="red",
+            padding=(1, 2),
+        )
+        console.print("\n")
+        console.print(panel)
+        console.print()
+        sys.exit(1)
+    except FileNotFoundError:
+        error_text = Text()
+        error_text.append("❌ ", style="bold red")
+        error_text.append("GIT NOT FOUND", style="bold red")
+        error_text.append("\n\n", style="white")
+        error_text.append("Git is not installed or not available in PATH.\n", style="white")
+        error_text.append("Please install Git to clone repositories.\n", style="white")
+        panel = Panel(
+            error_text,
+            title="[bold red]🛡️  STRIX CLONE ERROR",
+            title_align="center",
+            border_style="red",
+            padding=(1, 2),
+        )
+        console.print("\n")
+        console.print(panel)
+        console.print()
+        sys.exit(1)
 def infer_target_type(target: str) -> tuple[str, dict[str, str]]:
     if not target or not isinstance(target, str):
         raise ValueError("Target must be a non-empty string")
@@ -544,16 +624,23 @@ def main() -> None:
     if sys.platform == "win32":
         asyncio.set_event_loop_policy(asyncio.WindowsSelectorEventLoopPolicy())
+    args = parse_arguments()
     check_docker_installed()
     pull_docker_image()
     validate_environment()
     asyncio.run(warm_up_llm())
-    args = parse_arguments()
     if not args.run_name:
         args.run_name = generate_run_name()
+    if args.target_type == "repository":
+        repo_url = args.target_dict["target_repo"]
+        cloned_path = clone_repository(repo_url, args.run_name)
+        args.target_dict["cloned_repo_path"] = cloned_path
     asyncio.run(run_strix_cli(args))
     results_path = Path("agent_runs") / args.run_name

strix-agent 0.1.8__tar.gz → 0.1.10__tar.gz

strix-agent 0.1.8tar.gz → 0.1.10tar.gz