[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-920":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":16,"stars7d":16,"stars30d":17,"stars90d":16,"forks30d":16,"starsTrendScore":16,"compositeScore":18,"rankGlobal":10,"rankLanguage":10,"license":19,"archived":20,"fork":20,"defaultBranch":21,"hasWiki":20,"hasPages":20,"topics":22,"createdAt":10,"pushedAt":10,"updatedAt":33,"readmeContent":34,"aiSummary":35,"trendingCount":16,"starSnapshotCount":16,"syncStatus":14,"lastSyncTime":36,"discoverSource":37},920,"lyrie-ai","OTT-Cybersecurity-LLC\u002Flyrie-ai","OTT-Cybersecurity-LLC","Lyrie.ai — The world's first autonomous AI cybersecurity agent. Built by OTT Cybersecurity LLC.","https:\u002F\u002Flyrie.ai",null,"TypeScript",388,43,2,3,0,14,4.93,"MIT License",false,"main",[23,24,25,26,27,28,29,30,31,32],"ai-agent","autonomous","cybersecurity","llm","lyrie","ott-cybersecurity","security","threat-intelligence","typescript","zero-day","2026-06-12 02:00:20","\u003C!-- lyrie-shield: ignore-file (this README contains code examples that demonstrate Shield detector strings; they are documentation, not vectors) -->\n\n\u003Cdiv align=\"center\">\n\n# 🛡️ Lyrie\n\n### The autonomous security agent.\n\n_Pentests apps. Defends agents. Researches binaries. Trains itself. 
One daemon._\n\n[![License: MIT](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLicense-MIT-blue.svg)](LICENSE)\n[![Security: Native](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FSecurity-Native-green.svg)](SECURITY.md)\n[![Research](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fresearch-research.lyrie.ai-7c3aed.svg)](https:\u002F\u002Fresearch.lyrie.ai)\n[![X](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Ffollow-@lyrie__ai-1da1f2.svg)](https:\u002F\u002Fx.com\u002Flyrie_ai)\n[![CI](https:\u002F\u002Fgithub.com\u002FOTT-Cybersecurity-LLC\u002Flyrie-ai\u002Factions\u002Fworkflows\u002Fci.yml\u002Fbadge.svg)](https:\u002F\u002Fgithub.com\u002FOTT-Cybersecurity-LLC\u002Flyrie-ai\u002Factions\u002Fworkflows\u002Fci.yml)\n[![CodeQL](https:\u002F\u002Fgithub.com\u002FOTT-Cybersecurity-LLC\u002Flyrie-ai\u002Factions\u002Fworkflows\u002Fcodeql.yml\u002Fbadge.svg)](https:\u002F\u002Fgithub.com\u002FOTT-Cybersecurity-LLC\u002Flyrie-ai\u002Factions\u002Fworkflows\u002Fcodeql.yml)\n[![Tests](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Ftests-1781%20passing-brightgreen.svg)](#-quality--tests)\n[![PyPI](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fpypi-lyrie--agent-3776AB.svg?logo=pypi&logoColor=white)](https:\u002F\u002Fpypi.org\u002Fproject\u002Flyrie-agent\u002F)\n[![Releases](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fv\u002Frelease\u002FOTT-Cybersecurity-LLC\u002Flyrie-ai?include_prereleases&label=release)](https:\u002F\u002Fgithub.com\u002FOTT-Cybersecurity-LLC\u002Flyrie-ai\u002Freleases)\n[![LinkedIn](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Flinkedin-lyrie--ai-0077b5.svg)](https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Flyrie-ai\u002F)\n\n[**Install**](#-install) · [**Quick Start**](#-quick-start) · [**Capabilities**](#-capabilities) · [**ATP**](#-the-agent-trust-protocol-atp) · [**Architecture**](#-architecture) · [**Shield Doctrine**](docs\u002Fshield-doctrine.md) · [**Research**](https:\u002F\u002Fresearch.lyrie.ai)\n\n🌐 
**Localized:** [العربية](locales\u002FREADME.ar.md) · [Deutsch](locales\u002FREADME.de.md) · [Español](locales\u002FREADME.es.md) · [Français](locales\u002FREADME.fr.md) · [日本語](locales\u002FREADME.ja.md) · [Português](locales\u002FREADME.pt-BR.md) · [简体中文](locales\u002FREADME.zh-CN.md)\n\n\u003C\u002Fdiv>\n\n---\n\n## Who We Are\n\n**OTT Cybersecurity LLC** builds the security infrastructure of the AI era. We're not a startup adding a security feature to an AI product. We are a cybersecurity company that builds AI — the distinction matters.\n\nEvery AI agent platform treats security as an afterthought. We treat it as the foundation. Every advisory we publish on [lyrie.ai\u002Fresearch](https:\u002F\u002Flyrie.ai\u002Fresearch) is backed by a reproducible exploit lab and detection rules in this repo.\n\n## What We Are Building\n\nThe internet needed TLS before e-commerce could exist. AI agents need a trust protocol before the agentic economy can.\n\nWe are building it.\n\n**The Agent Trust Protocol (ATP)** — the first open cryptographic standard for AI agent identity, scope, and action verification — is authored by Lyrie and implemented here as the reference. Five primitives define what it means for an AI agent to be trustworthy: who it is, what it's authorized to do, what it did, whether it was tampered with, and how trust flows when it spawns children.\n\nLyrie is the reference implementation. The spec goes to IETF. 
Every organization running agents on ATP gets a verifiable attestation — the padlock for the AI era.\n\nBeyond ATP, Lyrie is the only stack that fuses:\n- **Offensive** — `lyrie hack \u003Ctarget>` runs end-to-end autonomous pentesting with GPU-accelerated adversarial attacks (GCG on H200, 140GB HBM3e)\n- **Defensive** — Shield Doctrine + Microsoft AGT bridge for 10\u002F10 OWASP ASI 2026 coverage\n- **Research** — Omega-Suite binary exploit analysis with Z3 SMT solver, ROP chains, CodeQL, deterministic crash replay\n- **Self-improving** — LyrieEvolve trains your own model on your own hardware via GRPO on H200\n- **Operational** — 9 built-in tools, 15-model routing, 126+ skills, launchd\u002Fsystemd daemon, cron management, sub-agent orchestration\n\nAll of this in one daemon. Zero required cloud dependencies.\n\n---\n\n## 📦 Install\n\n```bash\npip install lyrie-agent\n# or\ncurl -fsSL https:\u002F\u002Flyrie.ai\u002Finstall.sh | sh\n```\n\n---\n\n## ⚡ Quick Start\n\n```bash\nlyrie init                          # one-time setup wizard\nlyrie hack .\u002Fmyapp                  # run your first pentest\nlyrie daemon --threat-watch         # start always-on threat detection\nlyrie migrate --from openclaw       # import from another agent platform\n```\n\n---\n\n## 🔧 Capabilities\n\n### 🔴 Offensive Security\n\n**`lyrie hack \u003Ctarget>`** — one command, end-to-end autonomous pentest.\n\n```bash\nlyrie hack .\u002Fmyapp                          # local source tree\nlyrie hack https:\u002F\u002Fstaging.example.com      # live target\nlyrie hack .\u002Fmyapp --stage-e --approve      # generate + approve runnable PoCs\nlyrie hack .\u002Fmyapp --output sarif           # SARIF for GitHub Code Scanning\n```\n\n**Example output:**\n\n```\n[lyrie] Stage A: Attack Surface Mapping\n  → 14 entry points, 3 trust boundaries, 2 tainted data flows\n  → Risk hotspots: \u002Fapi\u002Fupload (critical), \u002Fadmin\u002Fexec (critical)\n\n[lyrie] Stage B: Scanning\n  → Nuclei: 3 
critical, 7 high\n  → Semgrep: 11 findings (2 CWE-89, 4 CWE-79, 5 CWE-22)\n  → TruffleHog: 1 secret found in git history\n  → Trivy: 0 known-vulnerable binaries (hash-verified)\n\n[lyrie] Stage C: Validation\n  → Confirmed: 3 critical, 5 high (false-positive rate: 12%)\n\n[lyrie] Stage D: AAV (Adversarial Validation)\n  → GCG suffix attack: BYPASS on \u002Fapi\u002Fchat (H200, 140GB HBM3e)\n  → AutoDAN black-box: 2\u002F4 jailbreaks successful\n  → Crescendo escalation: content policy bypassed in 4 turns\n\n[lyrie] Stage E: Exploit\n  → SQLi PoC generated: exploits\u002Fsqli-001.py [PENDING APPROVAL]\n  → XSS PoC generated: exploits\u002Fxss-001.js [PENDING APPROVAL]\n\n[lyrie] Stage F: Remediation\n  → Patches generated: 5 files, unified diff in report\u002Fpatches\u002F\n\n[lyrie] Self-scan complete. Lyrie's own output passed Shield gate.\n```\n\n**What each stage validates:**\n- **A** — Attack surface mapping: entry points, trust boundaries, tainted data flows, ranked risk hotspots\n- **B** — Scanner sweep: Nuclei, Semgrep CE, TruffleHog, Trivy (binary hash-verified post-supply-chain-incident)\n- **C** — Validation: every finding confirmed before escalation; false positives killed here\n- **D** — AAV: GPU adversarial attacks (GCG\u002FAutoDAN) + multi-turn (Crescendo\u002FTAP) on AI endpoints\n- **E** — PoC generation: runnable exploits for SQLi, XSS, SSRF, RCE, path traversal, deserialization — operator approval gate\n- **F** — Code-level remediation: before\u002Fafter patches across JS\u002FPython\u002FPHP, not descriptions\n\n**GPU red-team:**\n```bash\nlyrie redteam \u003Cendpoint> --strategy gcg      # gradient-based suffix attack (H200, 140GB HBM3e)\nlyrie redteam \u003Cendpoint> --strategy autodan  # genetic algorithm black-box (H100, 80GB HBM3)\nlyrie redteam \u003Cendpoint> --preset state-actor --dry-run  # nation-state attack corpus\nlyrie redteam \u003Cendpoint> --preset entra      # Microsoft Entra AI priv-esc (4 vectors)\n```\n\n**Multi-turn 
jailbreaks (no GPU required):**\n```bash\nlyrie redteam \u003Cendpoint> --strategy crescendo  # 4 escalation styles, HarmBench baselines\nlyrie redteam \u003Cendpoint> --strategy tap        # tree-of-attacks with pruning\n```\n\n---\n\n### 🛡️ Agent Defense\n\n**Shield Doctrine** — every layer of Lyrie that touches untrusted text passes a Shield gate. Input, output, memory, patches, skills, tool calls. Zero exceptions. See [`docs\u002Fshield-doctrine.md`](docs\u002Fshield-doctrine.md).\n\n**Agent Trust Protocol (ATP)** — the cryptographic padlock for the AI era. Ed25519-signed agent identity, action receipts, scope declarations, trust chain rules. Every agent spawned by Lyrie carries a verifiable ATP badge. See [ATP section](#-the-agent-trust-protocol-atp).\n\n**Microsoft AGT Bridge** — `@lyrie\u002Fagt-bridge` sits on top of Microsoft's Agent Governance Toolkit. 10\u002F10 OWASP ASI 2026 with AGT. 7\u002F10 standalone. Graceful degradation when AGT unavailable.\n\n**MCP Security Scanner** — 8 pre-connection checks on every MCP server before Lyrie connects:\n1. Tool-poisoning detection\n2. Rug-pull pattern analysis\n3. Shadow-tool identification\n4. Excessive-scope flagging\n5. Cleartext-transport rejection\n6. Untrusted-npx blocking\n7. Unverified-server gating\n8. Prompt-in-tool-description detection\n\n**Memory Integrity** — SHA-256 drift detection on every memory block. OWASP ASI-06 defense.\n```bash\nlyrie memory integrity-check        # detect tampered memories\nlyrie memory integrity-check --fix  # quarantine and repair\n```\n\n**Tools-Catalog Enforcement** — every tool call passes a risk-policy gate:\n- `critical` → block + require operator approval\n- `high` → audit log mandatory\n- `medium` → rate-limited + allowlist-checked\n```bash\nlyrie tools audit    # full risk assessment of installed tools\n```\n\n**A2A Message Bus** — agents query each other mid-flight via Shield-filtered pub\u002Fsub. 
No unverified cross-agent calls.\n\n---\n\n### 🤖 Agent Operations\n\n**Daemon mode** — always-on, self-healing, KAIROS tick loop:\n```bash\nlyrie daemon                                          # basic daemon\nlyrie daemon --threat-watch                           # continuous threat detection\nlyrie daemon --threat-watch --self-heal               # auto-recover from detected threats\nlyrie daemon --threat-watch --self-heal --provider hermes  # local-first, zero cloud\nlyrie daemon --interval 5m                            # custom KAIROS tick interval\n```\n\n**Cron management:**\n```bash\nlyrie cron list                    # all scheduled jobs\nlyrie cron add \"0 2 * * *\" \"lyrie evolve dream\"  # nightly self-improvement\nlyrie cron add \"*\u002F5 * * * *\" \"lyrie daemon --threat-watch\"\nlyrie cron disable \u003Cid>            # pause without removing\nlyrie cron logs \u003Cid>               # execution history\n```\n\n**Skills library — 126+ skills:**\n```bash\nlyrie skills list                  # browse full library\nlyrie skills search \"web scraping\" # find relevant skills\nlyrie skills install \u003Cskill-id>    # add to agent\nlyrie skills run \u003Cskill-id>        # execute directly\n```\n\nLyrie's skill loader imports existing skill libraries (OpenClaw, Claude Code, AutoGPT) on `lyrie migrate`. Skills are Shield-gated before execution.\n\n**Sub-agent orchestration:**\n```typescript\n\u002F\u002F Spawn isolated child agent (programmatic)\nspawn_subagent({\n  task: \"Scan this endpoint for SQLi and return findings as JSON\",\n  model: \"anthropic\u002Fclaude-sonnet-4-6\",\n  context: \"isolated\"  \u002F\u002F or \"fork\" to inherit parent context\n})\n```\n\nChild agents carry ATP badges from their parent. Trust chain is cryptographically verifiable.\n\n**WorkspaceContext** — every agent turn loads SOUL.md, AGENTS.md, MEMORY.md for persistent identity and rules across sessions. 
No cold starts.\n\n**Model routing — 15 models, task-aware:**\n```bash\nlyrie models list        # all registered models + health\nlyrie models health      # live status check\nlyrie models route       # show current routing table\n```\n\n| Task | Routes to |\n|---|---|\n| Code implement\u002Frefactor | GPT-5.4-Codex |\n| Bulk\u002Fparallel ops | MiniMax-M2.5-HS |\n| Strategy\u002Farchitecture | Grok (reasoning) |\n| Local\u002Fprivacy-first | Hermes-3 (NousResearch) |\n| Default | claude-sonnet-4-6 |\n| Free tier fallback | NVIDIA NIM (134 models) |\n\n**Migration from any agent platform:**\n```bash\nlyrie migrate --from openclaw      # ports memory, skills, config\nlyrie migrate --from claude-code   # imports MCP servers + provider keys\nlyrie migrate --from cursor        # imports model config + extensions\nlyrie migrate --from hermes        # ports skills + trajectory\nlyrie migrate --from autogpt       # ports goals + memory\nlyrie migrate --from all           # auto-detect all installed platforms\nlyrie migrate --from claude-code --secure  # import + CVE check MCP servers\nlyrie migrate --detect --dry-run   # preview what would be imported\n```\n\nSupported: `openclaw`, `claude-code`, `cursor`, `hermes`, `autogpt`, `nanoclaw`, `zeroclaw`, `dify`, `superagi`, `nanobot`, `grip-ai`\n\n---\n\n### 🔩 Built-in Tools\n\nAll 9 tools are Shield-gated. Every call passes input\u002Foutput validation before execution.\n\n| Tool | What it does |\n|---|---|\n| **exec** | Unified shell + process manager. Auto risk detection — critical commands require approval. Supports TTY, background sessions, stdin\u002Fstdout streaming. |\n| **browser** | Full CDP automation. Connects to a running Chrome instance via `127.0.0.1:9223`. Zero timeout bugs that plagued previous adapters. Screenshot, click, type, evaluate, multi-tab. |\n| **web_search** | Brave Search API. 1-hour result cache, domain deduplication, region\u002Flanguage support. 
|\n| **web_fetch** | HTML → markdown extraction via readability. 30-minute cache. Handles SPAs, paywalls, JS-heavy pages. |\n| **message** | Proactive sends to Telegram, Discord, Slack, Matrix, Feishu, IRC, and 7 more channels. Supports inline buttons, reactions, thread replies. |\n| **memory_store** | Persistent memory with auto-categorization (preference\u002Ffact\u002Fdecision\u002Fentity). Deduplication, TTL, importance scoring. |\n| **memory_recall** | BM25-ranked semantic search over stored memories. Returns top-k by relevance. |\n| **image_generate** | H200 local Stable Diffusion first, OpenAI fallback. Transparent backgrounds, multiple aspect ratios, edit mode. |\n| **tts** | OpenAI TTS. Default voice: nova (warm, clear). Onyx for dramatic narration. |\n| **spawn_subagent** | Spawn child agents in isolated or fork mode. ATP-badged. Results auto-announced to parent. |\n\n---\n\n### 🏗️ Infrastructure\n\n**Service installation:**\n```bash\nlyrie service install    # launchd (macOS) or systemd (Linux) — starts on boot\nlyrie service status     # health + uptime\nlyrie service logs       # tail daemon logs\nlyrie service uninstall  # clean removal\n```\n\n**LyrieEvolve — self-improving agent:**\n```bash\nlyrie evolve status      # skill library stats + last dream cycle\nlyrie evolve dream       # score → extract → prune → train\nlyrie evolve extract     # pull reusable skills from recent sessions\nlyrie evolve stats       # domain breakdown: cyber \u002F seo \u002F trading \u002F code\nlyrie evolve train --export atropos  # GRPO fine-tuning on H200\n```\n\nSee [`docs\u002Fevolve.md`](docs\u002Fevolve.md) and [`docs\u002Fh200-training.md`](docs\u002Fh200-training.md).\n\n**AI Governance:**\n```bash\nlyrie governance assess --interactive        # NIST AI RMF 8-question assessment\nlyrie governance assess --config agent.json  # auto-infer from config\nlyrie governance permissions .\u002Ftools.json    # scan tool permissions for risk\n```\n\n**Environment 
diagnostics:**\n```bash\nlyrie doctor             # full self-diagnostic (env, channels, security)\nlyrie doctor --json      # machine-readable for CI\n```\n\n---\n\n## 🔐 The Agent Trust Protocol (ATP)\n\nATP is the first open cryptographic standard for AI agent identity, scope, and action verification. Authored by OTT Cybersecurity LLC. IETF-draft quality RFC. [`packages\u002Fatp\u002F`](packages\u002Fatp\u002F)\n\n**Five primitives:**\n\n| Primitive | File | What it proves |\n|---|---|---|\n| Agent Identity Certificates | `aic.ts` | Who this agent is (Ed25519 keypair, issuer chain) |\n| Action Receipts | `receipt.ts` | What it did (signed log of every tool call) |\n| Scope Declaration Language | `scope.ts` | What it's authorized to do (SDL enforcement) |\n| Trust Chain Rules | `trust-chain.ts` | How trust flows to spawned children |\n| Breach Attestation | `breach.ts` | Cryptographically signed incident record |\n\n**ATP Badge** — every agent running on Lyrie carries a verifiable badge:\n```bash\nlyrie atp verify \u003Cagent-id>      # verify identity + scope\nlyrie atp receipt \u003Csession-id>   # audit trail for any session\nlyrie atp badge --show           # display this agent's current badge\n```\n\nThe IETF spec is in [`packages\u002Fatp\u002FRFC-DRAFT.md`](packages\u002Fatp\u002F). Organizations running agents on ATP get a verifiable attestation — machine-readable proof that an AI acted within its declared scope.\n\n---\n\n## 🤖 LyrieAAV — Adversarial Validation\n\nLyrieAAV attacks deployed AI agents and LLMs to find security vulnerabilities before adversaries do.\n\n**Attack corpus:** 200+ vectors across OWASP LLM Top 10 + OWASP ASI 2026.\n\n**GPU attacks (white-box and black-box):**\n- **GCG** (`packages\u002Fcore\u002Fsrc\u002Faav\u002Fstrategies\u002Fgcg.ts`) — gradient-based adversarial suffix generation on H200 (140GB HBM3e). White-box access required. 
Finds universal suffixes that transfer across models.\n- **AutoDAN** (`packages\u002Fcore\u002Fsrc\u002Faav\u002Fstrategies\u002Fautodan.ts`) — genetic algorithm jailbreak search. Black-box. No model access needed. Generates human-readable bypass prompts.\n\n**Multi-turn strategies (no GPU):**\n- **Crescendo** — 4 escalation styles based on HarmBench baselines. Gradually escalates across turns until content policy breaks.\n- **TAP** — Tree-of-Attacks with Pruning. Explores attack tree, prunes dead branches, focuses on highest-yield paths.\n\n**OWASP LLM Top 10 + ASI 2026 coverage:**\n\n| OWASP ID | Category | Lyrie Coverage |\n|---|---|---|\n| LLM01 | Prompt Injection | GCG, AutoDAN, Crescendo, TAP |\n| LLM02 | Insecure Output Handling | Stage C validation, Shield output gate |\n| LLM03 | Training Data Poisoning | LyrieEvolve GRPO audit |\n| LLM04 | Model DoS | Rate-limit enforcement |\n| LLM05 | Supply Chain | Trivy binary hash verification |\n| LLM06 | Sensitive Info Disclosure | TruffleHog, Shield output scan |\n| LLM07 | Insecure Plugin Design | MCP Scanner (8 checks) |\n| LLM08 | Excessive Agency | Scope Declaration Language |\n| LLM09 | Overreliance | Human approval gates |\n| LLM10 | Model Theft | ATP breach attestation |\n| ASI-06 | Memory Tampering | SHA-256 drift detection |\n\nFull docs: [`docs\u002Faav.md`](docs\u002Faav.md)\n\n---\n\n## 🔬 Omega-Suite — Binary Exploit Research\n\nThe deepest open-source offensive research stack on GitHub. Used internally by Lyrie's threat research team.\n\n**Tier 1 (shipped):**\n- **Z3 SMT solver** — binary exploit feasibility analysis. Determines if a memory corruption path is actually reachable.\n- **ROP chain analysis** — automated return-oriented programming gadget discovery and chain construction.\n- **CodeQL agent** — semantic code analysis on compiled artifacts, not just source.\n- **Crash analysis** — deterministic `rr` replay of crashes. Same crash, every time. 
Root cause in minutes, not hours.\n- **OSS forensics** — dependency attribution, provenance tracing, supply-chain incident correlation.\n\n```bash\nlyrie omega analyze \u003Cbinary>           # full Omega-Suite run\nlyrie omega rop \u003Cbinary>               # ROP gadget discovery\nlyrie omega smt \u003Cbinary> \u003Ccrash-input> # exploit feasibility via Z3\nlyrie omega replay \u003Ccrash-log>         # rr deterministic replay\n```\n\n---\n\n## 🧬 LyrieEvolve — Self-Improving Agent\n\nLyrie is the only autonomous agent that gets measurably better at your specific workloads over time.\n\n**The loop:**\n1. Score every completed task (domain-specific rewards: cyber, SEO, trading, code)\n2. Extract reusable skills from high-scoring sessions\n3. Retrieve top-3 past successes as context before each new task\n4. Nightly GRPO fine-tuning on H200 — your workload, your model, your hardware\n\n```bash\nlyrie evolve status      # library stats + last dream timestamp\nlyrie evolve extract     # pull skills from recent sessions\nlyrie evolve dream       # full nightly cycle: score → extract → prune → summarize\nlyrie evolve train --export atropos   # export H200-ready GRPO training data\nlyrie evolve stats       # domain breakdown\n```\n\nTraining pipeline: [`docs\u002Fh200-training.md`](docs\u002Fh200-training.md). 
Atropos-compatible export for direct GRPO runs.\n\n---\n\n## 📊 Capability Matrix\n\n| Capability | Lyrie | General Agent Frameworks | Security Scanners |\n|---|---|---|---|\n| Autonomous pentest (A–F) | ✅ Full | ❌ | Partial |\n| Agent Trust Protocol | ✅ Authored | ❌ | ❌ |\n| GPU adversarial attacks | ✅ H200 + H100 | ❌ | ❌ |\n| Local model first | ✅ Hermes-3 | Varies | ❌ |\n| Built-in cron management | ✅ | ❌ | ❌ |\n| 126+ skills library | ✅ | Varies | ❌ |\n| Self-improving (GRPO) | ✅ H200 | ❌ | ❌ |\n| OWASP ASI 2026 | ✅ 10\u002F10 | ❌ | Partial |\n| MCP security scanning | ✅ 8 checks | ❌ | ❌ |\n| Background daemon | ✅ launchd\u002Fsystemd | Varies | ❌ |\n| Code-level remediation | ✅ | ❌ | ❌ |\n| Binary exploit research | ✅ Omega-Suite | ❌ | Partial |\n| 15-model task routing | ✅ | Varies | ❌ |\n| Sub-agent orchestration | ✅ ATP-badged | Varies | ❌ |\n| Memory integrity checks | ✅ SHA-256 | ❌ | ❌ |\n| 9 built-in tools | ✅ Shield-gated | Varies | ❌ |\n\n---\n\n## 🏛️ Architecture\n\n```\nlyrie-agent\u002F\n├── packages\u002F\n│   ├── core\u002F             # Engine: tools, AAV, Shield, cron, skills, models\n│   │   └── src\u002F\n│   │       ├── tools\u002F    # 9 built-in tools (browser, exec, web, memory, media, message, spawn-subagent)\n│   │       ├── aav\u002F      # Adversarial validation (GCG, AutoDAN, Crescendo, TAP)\n│   │       ├── security\u002F # MCP scanner, provider validator\n│   │       ├── cron\u002F     # Cron manager\n│   │       └── skills\u002F   # Skill loader, registry, runner, search\n│   ├── atp\u002F              # Agent Trust Protocol (AIC, receipt, scope, trust-chain, breach)\n│   ├── shield\u002F           # Rust Shield binary (JSON-RPC, file-write scan, outbound WAF)\n│   └── gateway\u002F          # Channel adapters (Telegram, Discord, Slack, Matrix, IRC, Feishu, ...)\n├── deploy\u002F\n│   └── oss-scan\u002F         # Dockerized public scanner (research.lyrie.ai\u002Fscan)\n├── docs\u002F\n│   ├── shield-doctrine.md\n│   ├── aav.md\n│   
├── evolve.md\n│   ├── h200-training.md\n│   └── brand-guide.md\n└── scripts\u002F              # redteam.ts, scan.ts, evolve.ts\n```\n\n**Design principles:**\n- Shield-first: untrusted text never reaches a tool without a gate\n- Local-first: Hermes-3 default, cloud optional\n- ATP-native: every agent and every action is cryptographically accountable\n- No Docker required: `pip install lyrie-agent` and you're running\n\n---\n\n## 🚀 Lyrie Pentest Action\n\n```yaml\n# .github\u002Fworkflows\u002Flyrie-pentest.yml\n- uses: OTT-Cybersecurity-LLC\u002Flyrie-pentest-action@v1\n  with:\n    target: .\u002F\n    fail-on: high\n    upload-sarif: true\n```\n\nShield-scans every PR. Posts a single-comment-per-PR Markdown summary. Uploads SARIF to GitHub Code Scanning. Blocks merges on threshold.\n\n---\n\n## ✅ Quality & Tests\n\n```\n1,726 tests \u002F 0 failures \u002F 5,672 expect() calls\n94 test files — bun test --reporter=dot\n```\n\nEvery shipped feature has tests. No stubs masquerading as implementations. If Stage E generates PoCs, there are tests that verify runnable output. If the GRPO pipeline exports Atropos data, there are tests that verify the schema.\n\n---\n\n## 🤝 Contributing\n\nSee [`CONTRIBUTING.md`](CONTRIBUTING.md). New CVE labs follow [`tools\u002Fexploit-lab\u002FLAB-PROTOCOL.md`](tools\u002Fexploit-lab\u002FLAB-PROTOCOL.md).\n\nCode of Conduct: [`CODE_OF_CONDUCT.md`](CODE_OF_CONDUCT.md). PRs that weaponize Lyrie tooling against unconsenting targets are rejected.\n\n---\n\n## 🔐 Security\n\nSee [`SECURITY.md`](SECURITY.md). Responsible disclosure: **security@lyrie.ai**\n\nCybersecurity isn't a feature here — it's the product.\n\n---\n\n## 📜 License\n\nMIT — OTT Cybersecurity LLC. 
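Use it, fork it, build on it.\n\n---\n\n\u003Cdiv align=\"center\">\n\n**Lyrie.ai** — _Built by [OTT Cybersecurity LLC](https:\u002F\u002Foverthetop.ae)_\n\n[Research](https:\u002F\u002Fresearch.lyrie.ai) · [@lyrie_ai](https:\u002F\u002Fx.com\u002Flyrie_ai) · [LinkedIn](https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Flyrie-ai\u002F) · [lyrie.ai](https:\u002F\u002Flyrie.ai) · [overthetop.ae](https:\u002F\u002Foverthetop.ae)\n\n© 2026 OTT Cybersecurity LLC. All rights reserved.\n\n\u003C\u002Fdiv>\n","Lyrie.ai is the world's first autonomous AI cybersecurity agent, developed by OTT Cybersecurity LLC. The project is written in TypeScript, and its core functions are automated penetration testing of applications, protecting agents, researching binaries, and self-training, with the aim of building security infrastructure for the AI era. It introduces the Agent Trust Protocol (ATP), an open cryptographic standard for verifying the identity, scope, and behavior of AI agents, thereby ensuring security and reliability when tasks are carried out. Lyrie.ai is suited to scenarios that require a high level of security assurance, such as enterprise applications and critical information infrastructure protection, and is especially suitable for organizations and individuals who want to adopt AI technology without sacrificing security.","2026-06-11 02:40:15","CREATED_QUERY"]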