You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Part of the emergent-mode realization ladder (packs/cyber_webapp/DESIGN.md §9). The realization primitive every higher rung is built from.
Goal
Let an LLM realize a vulnerability handler — a varied implementation of a vuln class — inside the procedurally-generated graph/flag/structure, instead of rendering a fixed template. Procedural stays the architect; the verifier is the gate.
The dynamic admission gate (the core)
Today's admission is structural (check_feasibility: a graph path exists). An LLM-realized handler can be wrong, so it needs dynamic admission:
Closes the structural-diversity residual: templates are ~3 fixed skeletons per class, so an agent can overfit to "OpenRange-shaped" handlers rather than the technique.
The deterministic core (the admission gate) is unit-tested against hand-built handler variants — faithful → accept, trivial/broken → reject. The LLM-realization step is proven by a live run (no mocks).
Out of scope (later rungs)
Real fs/shell exec-effect faithfulness (rides the container, #252 / #202); multi-service + networking (#212, #235); k8s (#189).
Part of the emergent-mode realization ladder (
packs/cyber_webapp/DESIGN.md§9). The realization primitive every higher rung is built from.Goal
Let an LLM realize a vulnerability handler — a varied implementation of a vuln class — inside the procedurally-generated graph/flag/structure, instead of rendering a fixed template. Procedural stays the architect; the verifier is the gate.
The dynamic admission gate (the core)
Today's admission is structural (
check_feasibility: a graph path exists). An LLM-realized handler can be wrong, so it needs dynamic admission:consequence.detect_leak(the live oracle from feat(cyber): detect leaked secrets in responses, not just submitted flags #259).Accept iff solvable-and-not-trivial; else reject / regenerate.
Why
Scope
PROCESSbacking (the handler is Python in the existing app); no container needed (that is Implement a plainBacking.CONTAINERrealizer for cyber_webapp #252 / M1).Out of scope (later rungs)
Real fs/shell exec-effect faithfulness (rides the container, #252 / #202); multi-service + networking (#212, #235); k8s (#189).