-
Notifications
You must be signed in to change notification settings - Fork 16
Expand file tree
/
Copy pathcontainer_shell_network_analysis.yaml
More file actions
36 lines (31 loc) · 1.24 KB
/
container_shell_network_analysis.yaml
File metadata and controls
36 lines (31 loc) · 1.24 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# SPDX-FileCopyrightText: GitHub, Inc.
# SPDX-License-Identifier: MIT
seclab-taskflow-agent:
filetype: toolbox
version: "1.0"
server_params:
kind: stdio
command: python
args: ["-m", "seclab_taskflows.mcp_servers.container_shell"]
env:
CONTAINER_IMAGE: "seclab-shell-network-analysis:latest"
CONTAINER_WORKSPACE: "{{ env('CONTAINER_WORKSPACE', required=False) }}"
CONTAINER_TIMEOUT: "{{ env('CONTAINER_TIMEOUT', '30') }}"
CONTAINER_PERSIST: "{{ env('CONTAINER_PERSIST', required=False) }}"
CONTAINER_PERSIST_KEY: "{{ env('CONTAINER_PERSIST_KEY', required=False) }}"
LOG_DIR: "{{ env('LOG_DIR') }}"
confirm:
- shell_exec
server_prompt: |
## Container Shell (network analysis)
You have access to an isolated Docker container for network analysis and recon.
Files (e.g. pcap captures) are available at /workspace.
Available tools:
- nmap — network discovery and port scanning
- tcpdump — packet capture and inspection
- tshark — Wireshark CLI for pcap analysis
- netcat (nc) — TCP/UDP connections and simple servers
- dig / nslookup — DNS lookups
- curl / wget — HTTP inspection
- jq — JSON parsing and transformation
- httpie (http) — human-friendly HTTP client