From 0d40ad8f25648b589761f5ff46bea7cb84f053e8 Mon Sep 17 00:00:00 2001
From: mason5052
Date: Sat, 6 Jun 2026 19:52:31 -0400
Subject: [PATCH 1/2] fix: avoid unsupported XSStrike flags in prompts
---
 backend/pkg/templates/prompts/pentester.tmpl | 6 ++++
 backend/pkg/templates/templates_test.go | 36 ++++++++++++++++++++
 2 files changed, 42 insertions(+)
diff --git a/backend/pkg/templates/prompts/pentester.tmpl b/backend/pkg/templates/prompts/pentester.tmpl
index bd38c83be..c0d4495f8 100644
--- a/backend/pkg/templates/prompts/pentester.tmpl
+++ b/backend/pkg/templates/prompts/pentester.tmpl
@@ -323,6 +323,12 @@ Check tool availability with 'which [tool]' before use. Install missing tools if
 {{end}}
+
+- Verify command-specific flags with `[tool] -h` or `[tool] --help` before first use when the exact syntax is uncertain.
+- Do not copy flags between different tools. For XSStrike, do not use `xsstrike -c` or `xsstrike -o` unless the installed `xsstrike --help` explicitly documents those options.
+- If output needs to be saved or reduced, prefer shell redirection or the tool's documented logging option instead of inventing unsupported output flags.
+
+
 Standalone (recommended): All operations in one command `msfconsole -q -x "use exploit/...; set LPORT [allocated]; exploit; sleep 20; sessions -l; sessions -i 1 -c 'sysinfo'; exit"`
diff --git a/backend/pkg/templates/templates_test.go b/backend/pkg/templates/templates_test.go
index 0904c1efd..4b3f6feae 100644
--- a/backend/pkg/templates/templates_test.go
+++ b/backend/pkg/templates/templates_test.go
@@ -1013,6 +1013,42 @@ func TestQuestionTaskPlannerPrompt(t *testing.T) {
 }
 }
+// TestPentesterPromptXSStrikeArgumentGuidance keeps the pentester prompt from
+// recommending unsupported XSStrike flags when composing terminal commands.
+func TestPentesterPromptXSStrikeArgumentGuidance(t *testing.T) {
+ defaultPrompts, err := templates.GetDefaultPrompts()
+ if err != nil {
+ t.Fatalf("Failed to load default prompts: %v", err)
+ }
+
+ dummyData := validator.CreateDummyTemplateData()
+ template := defaultPrompts.AgentsPrompts.Pentester.System.Template
+
+ rendered, err := templates.RenderPrompt(
+ string(templates.PromptTypePentester),
+ template,
+ dummyData,
+ )
+ if err != nil {
+ t.Fatalf("Failed to render pentester template: %v", err)
+ }
+
+ requiredGuidance := []string{
+ "cli_argument_protocol",
+ "XSStrike",
+ "xsstrike --help",
+ "xsstrike -c",
+ "xsstrike -o",
+ "inventing unsupported output flags",
+ }
+
+ for _, guidance := range requiredGuidance {
+ if !strings.Contains(rendered, guidance) {
+ t.Errorf("Rendered pentester template missing XSStrike argument guidance: %s", guidance)
+ }
+ }
+}
+
 // TestTaskAssignmentWrapperPrompt tests the task_assignment_wrapper template
 func TestTaskAssignmentWrapperPrompt(t *testing.T) {
 defaultPrompts, err := templates.GetDefaultPrompts()
From bd1bb75c2fd155c8968ca58506cb949002c2c378 Mon Sep 17 00:00:00 2001
From: mason5052
Date: Sat, 13 Jun 2026 22:58:43 -0400
Subject: [PATCH 2/2] fix: harden CLI argument guardrail against xsstrike -o /dev/null
---
 backend/pkg/templates/prompts/pentester.tmpl | 5 +++--
 backend/pkg/templates/templates_test.go | 2 ++
 2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/backend/pkg/templates/prompts/pentester.tmpl b/backend/pkg/templates/prompts/pentester.tmpl
index c0d4495f8..cafaab11d 100644
--- a/backend/pkg/templates/prompts/pentester.tmpl
+++ b/backend/pkg/templates/prompts/pentester.tmpl
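Review bot: The `requiredGuidance` loop in `TestPentesterPromptXSStrikeArgumentGuidance` only checks that tokens such as `xsstrike -c` and `xsstrike -o` occur somewhere in the rendered prompt, so it would still pass if a later edit turned the prohibition into a recommendation or moved those flags into an example command. Pinning the prohibitive wording itself (one entry holding the full "do not use … unless …" clause from the template) would test the guardrail rather than its vocabulary; the two entries added to the same slice in PATCH 2/2 have the same limitation. Two smaller points: `%s` in the `t.Errorf` call reads better as `%q` so an empty or whitespace-only entry is visible in the failure, and a comment above the slice such as `// Substring presence only: this does not prove the agent will avoid the flags.` would keep the test from being read as enforcement. If the goal is to stop the command from being run, a check at the point where terminal commands are executed would be the stronger control; that code is not visible in this patch.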
@@ -325,8 +325,9 @@ Check tool availability with 'which [tool]' before use. Install missing tools if
 - Verify command-specific flags with `[tool] -h` or `[tool] --help` before first use when the exact syntax is uncertain.
-- Do not copy flags between different tools. For XSStrike, do not use `xsstrike -c` or `xsstrike -o` unless the installed `xsstrike --help` explicitly documents those options.
-- If output needs to be saved or reduced, prefer shell redirection or the tool's documented logging option instead of inventing unsupported output flags.
+- Do not copy flags between different tools, and do not invent output flags: do not pass `-c`, `-o`, or `-o /dev/null` to a tool unless that tool's own `--help` documents them.
+- For XSStrike specifically, do not use `xsstrike -c` or `xsstrike -o` (including `xsstrike -o /dev/null`); XSStrike does not accept these arguments. Confirm the exact flags with `xsstrike --help`.
+- If output needs to be saved, reduced, or discarded, use shell redirection (for example, `> results.txt` or `> /dev/null`) or the tool's documented logging option instead of inventing unsupported output flags.
diff --git a/backend/pkg/templates/templates_test.go b/backend/pkg/templates/templates_test.go
index 4b3f6feae..1d49b98f7 100644
--- a/backend/pkg/templates/templates_test.go
+++ b/backend/pkg/templates/templates_test.go
@@ -1039,6 +1039,8 @@ func TestPentesterPromptXSStrikeArgumentGuidance(t *testing.T) {
 "xsstrike --help",
 "xsstrike -c",
 "xsstrike -o",
+ "xsstrike -o /dev/null",
+ "shell redirection",
 "inventing unsupported output flags",
 }
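Review bot: The rewritten XSStrike bullet in pentester.tmpl states as fact that "XSStrike does not accept these arguments", while the bullet above it makes the same flags conditional on the tool's own `--help`. A hard-coded claim about one tool's CLI can go stale when the installed version changes, and it would then contradict the check the prompt asks for. Consider keeping the help output as the single authority, for example by wording it as "not documented in the XSStrike help this prompt was written against; treat the installed help output as authoritative". Separately, the `> /dev/null` example discards only stdout and throws away scan output that an engagement record normally needs, so presenting `> results.txt` as the default and discarding as the exception would preserve evidence. The enclosing template block starts and ends outside this hunk.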