This repository is the public-safe core of DonTrabajoGPT. It ships a small, local recon pipeline (linPEAS parsing + CVE matching) and a deterministic demo report built from mock inputs.
What is intentionally excluded (OPSEC):
- operational notes and runbooks
- lab-specific workflows, targets, credentials, or flags
- internal KB/mesh tooling, personas, and the TUI
- internal hostnames, absolute host paths, and non-sample IPs
- logs, state files, and local artifacts
Quickstart (Windows, PowerShell):
python -m venv .venv
.\.venv\Scripts\Activate.ps1
pip install -r requirements.txt
python -m tools.demoQuickstart (macOS/Linux, bash):
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
python -m tools.demoDemo command:
python -m tools.demoVerification gates:
scripts/preflight.ps1runs the demo and OPSEC scans locally.- CI runs the demo plus OPSEC scan on every push/PR.
The file
scripts/opsec_testdata/should_fail.txtintentionally contains banned patterns to validate the scanner. CI excludesscripts/opsec_testdataby design so the repository can remain publish-safe.
Repo structure:
prox_ops/core recon parsing modulestools/demo entrypointexamples/mock_inputs/sanitized sample inputsexamples/output/generated demo reportdocs/architecture and security notesscripts/preflight and OPSEC scanning
Docs:
docs/ARCHITECTURE.mddocs/SECURITY.md