Summary

This project provides an AI-driven routing pack for reverse engineering and penetration testing tasks, designed to integrate with code AI clients like Claude Code, Cursor, and Cline. It aims to automate the selection of appropriate tools and methodologies, preventing AI guesswork and consolidating local toolchains into a portable, self-evolving knowledge base.

How It Works

The system operates by injecting routing rules into AI clients via a RULES.md file, enabling a "route first, execute second" paradigm for security-related tasks. It dynamically manages and potentially auto-installs necessary tools, orchestrates complex workflows across various specialized skills (e.g., APK RE, binary analysis, exploit development), and incorporates an auto-evolving experience library (field-journal) to continuously improve AI performance based on past operations.

Quick Start & Requirements

• Installation: Place the package directory anywhere; the AI automatically detects its path.
• Core Dependencies: Node.js (v22.12+), Python 3.x, Java/JDK.
• Key Tools: jadx, apktool, Android platform-tools, Android Build-Tools, Frida, anything-analyzer, jshookmcp, IDA Pro (optional), radare2 (optional).
• AI Client Support: Requires clients supporting custom rules, prompt injection, MCP, or external tool calls (e.g., Claude Code, Cursor, Cline).
• Setup: Primarily involves configuring AI clients with the package's entry points (SKILL.md, routing.md, tool-index.md) and adjusting tool paths post-migration. Automatic installation is supported for some missing tools.
• Links: AI Community: https://linux.do.

Highlighted Details

• AI-driven global rule injection via RULES.md for automated routing.
• Comprehensive modular skill set covering diverse RE and pentesting domains.
• Self-evolving knowledge base (field-journal) for continuous AI improvement.
• Support for multiple AI code assistants and MCP-based tool integration.
• Dynamic toolchain management with on-demand auto-installation capabilities.

Maintenance & Community

Community link provided: https://linux.do. The project's self-evolving nature suggests ongoing AI-driven updates to its knowledge base.

Licensing & Compatibility

• License: Not explicitly stated with a standard identifier (e.g., MIT, Apache). Usage is restricted to legally authorized security research, learning, and CTF competitions.
• Compatibility: Designed for AI clients supporting specific integration methods (rules, prompt injection, MCP). Commercial use or linking with closed-source projects is not explicitly addressed but implied to be restricted by the usage terms.

Limitations & Caveats

Requires AI clients capable of advanced integration (rules, external tools); it is not a standalone tool. Setup involves significant path configuration, especially after migration. Some tools may necessitate manual installation. The project strictly prohibits unauthorized penetration testing, and users are responsible for legal compliance.