Summary

This repository archives Theori's Cyber Reasoning System (CRS) submission for the DARPA AI Cyber Challenge (AIxCC). It offers a snapshot of the final release code, enabling technical users to study advanced AI security agent architectures. While unsupported, it provides insights for AI security, agent development, or potential commercial applications via direct contact with Theori.

How It Works

The system, codenamed "Robo Duck," is a Cyber Reasoning System (CRS) heavily leveraging Large Language Models (LLMs) for its decision-making. Designed for the AI Cyber Challenge environment, its architecture likely involves agents processing tasks and interacting with tools. Configuration is managed via environment variables or token files for LLM providers (Anthropic, OpenAI, Google, Azure), and the system is deployable via Docker.

Quick Start & Requirements

• Primary run command: docker compose --profile main up --exit-code-from crs-main after docker pull ghcr.io/theori-io/crs:latest.
• Prerequisites: API keys for LLM providers, Docker, Docker Compose.
• Resource Footprint: High LLM operational costs are warned, potentially exceeding $1,000 per hour without careful model selection.
• Links: Official documentation and architecture diagrams are referenced but not directly linked.

Highlighted Details

• Contains the complete code submitted for the final round of the DARPA AI Cyber Challenge (July-August 2025).
• System is tuned for the AI Cyber Challenge environment, with significant LLM budget implications.
• Includes Azure deployment scripts via Terraform.
• Features an "Agent Log Viewer" for introspection of agent behavior, conversations, and tool calls, including serialized agent states for debugging.
• Evaluation dashboard scripts are provided for visualizing performance data.

Maintenance & Community

• This repository is provided for archival and historical purposes only and will not be supported or updated.
• Users interested in commercial applications should contact Theori directly.
• Slack is mentioned for accessing the evaluation dashboard.

Licensing & Compatibility

• The specific open-source license is not stated in the provided README content.
• Commercial use is possible via direct engagement with Theori.

Limitations & Caveats

• Code may contain bugs, be outdated, or rely on permissioned data.
• The repository will not receive support or updates.
• Significant operational costs associated with LLM usage are a major caveat.
• The absence of a specified license poses an adoption blocker.