Summary

The Secure Code Game is an open-source, in-browser, interactive learning experience designed to teach secure coding practices through gamification. Targeting developers, students, and security-curious individuals, it offers a fun, accessible way to understand complex security concepts, with over 10,000 players already engaged. The platform allows users to get started in under two minutes, providing immediate hands-on experience.

How It Works

The game operates as an in-editor experience, simulating real-world scenarios within a secure environment. Players progress through progressively challenging levels, learning by actively solving security puzzles. The latest Season 4 introduces an Agentic AI theme, placing users within an AI coding assistant that can generate bash commands, browse the web, utilize tools, and orchestrate multi-agent workflows, focusing on securing these advanced AI interactions.

Quick Start & Requirements

1. Setup: Fork the repository using the "Use this template" button, then create a GitHub Codespace from the new repository.
2. Prerequisites: A GitHub account is required. Usage of GitHub Codespaces counts towards the 60-hour monthly free allowance.
3. Estimated Setup: Codespaces launch and complete initial setup in under three minutes.
4. Links: Testimonials and FAQs are available at gh.io/scg.

Highlighted Details

• Season 4 focuses on securing Agentic AI agents, their workflows, and inter-agent communications.
• Each season is self-contained, allowing users to start with any season (e.g., Season 4 or Season 3).
• Season 3 covers LLM Security, focusing on prompt design and data source protection.
• Previous seasons cover Multi-Stack security (CI/CD, backend, web apps) using CodeQL, GitHub Actions, Go, Python, and JavaScript, as well as secure coding fundamentals in Python and C.

Maintenance & Community

For assistance, users can email securitylab-social@github.com, start a discussion on GitHub Discussions, or join the #secure-code-game channel on Slack.

Licensing & Compatibility

The project is released under the MIT License, which is generally permissive for commercial use and integration into closed-source projects.

Limitations & Caveats

The primary method of interaction relies on GitHub Codespaces, which are subject to a monthly free hour limit. The newly released Season 4 may represent a less mature or tested iteration compared to earlier seasons.