Skillget

auto-reverse-engineer

agent
Security Audit
Warn
Health Warn
  • No license — Repository has no license file
  • Description — Repository has a description
  • Active repo — Last push 0 days ago
  • Low visibility — Only 6 GitHub stars
Code Warn
  • Code scan incomplete — No supported source files were scanned during light audit
Permissions Pass
  • Permissions — No dangerous permissions requested
Purpose
This tool provides a collection of prompt templates and a structured workspace framework designed to orchestrate autonomous coding agents (like Codex or Claude) for reverse-engineering tasks.

Security Assessment
The framework itself consists of markdown instructions rather than executable code, meaning it doesn't contain hardcoded secrets or make direct network requests. However, the intended use case involves executing agents in autonomous "yolo" mode (`--yolo`) inside a continuous shell loop. When directed at a target, the underlying agent will heavily utilize shell commands, inspect files, and potentially access sensitive data or external networks depending on the reverse-engineering goal. Because it grants an agent autonomous, unbounded execution rights to analyze potentially unknown or untrusted binaries, the overall risk is rated as Medium.

Quality Assessment
The project is currently active with a recent last push and clearly documented instructions. On the downside, it lacks an open-source license, meaning strict legal rights to use, modify, or distribute the code are not formally granted. Furthermore, with only 6 GitHub stars, community trust and real-world testing are practically nonexistent. A concerning technical limitation is that no supported source code files were found during the automated audit, indicating it is strictly a prompt repository rather than a standard software package.

Verdict
Use with caution. While it is just a prompt framework and generally safe to read, actually executing it grants extensive, unmonitored system control to an AI agent, and the repository lacks the licensing and community validation expected for safe, long-term adoption.
SUMMARY

A prompt framework for running autonomous re projects in an existing agent harness.

README.md

auto-reverse-engineer

auto-reverse-engineer is a prompt framework for running autonomous reverse-engineering projects in an existing coding-agent harness.

Files

  • bootstrap.md: creates a new project workspace, asks for the required context, and prepares the run
  • program.md: runs the actual reverse-engineering loop inside that project workspace

How it works

  1. Run an agent with bootstrap.md.
  2. It creates a separate project folder for the target.
  3. It writes the initial files such as goal.md, project-context.md, progress.md, attempts.md, paths.md, inbox/, and knowledge-base/.
  4. It copies program.md into that project folder.
  5. Start a second agent in the new project folder with program.md.

Running it

From the repo root, first run bootstrap.md to create the project workspace.
In this example we use Codex, but the same can be done with Claude or any other agent harness.

codex "run bootstrap.md"

It will ask you for needed information and create the project workspace.

After bootstrap, start the main run from inside the created project folder:
For Codex, the agent does not always keep looping by itself, so run it in a shell loop from inside the project folder:

while true; do
    codex exec --yolo "run program.md, target projects/<project-slug>/goal.md" 2>&1 | tee -a agent.log
    sleep 1
done

Claude usually does not need a shell loop, so you can just run it once:

claude -p "run program.md"

Project model

Each target gets its own workspace. The framework repo stays generic. The project folder holds the target-specific state, artifacts, notes, scripts, and logs.

The runtime agent should:

  • work toward the goal in goal.md
  • keep a structured knowledge base
  • track attempts and avoid repeating failed work
  • maintain paths.md with prioritized investigation paths, blockers, and trigger conditions
  • poll inbox/ each loop to detect when the human provides requested resources
  • automatically unblock and pursue paths when trigger conditions are met
  • always work on the highest-priority ready path

Example

A project could target a CGM app and sensor:

  • inspect the APK
  • recover the BLE protocol
  • identify pairing and message parsing
  • reach raw glucose data from the device

Purpose

The point of this repo is simple: make autonomous reverse-engineering runs repeatable, structured, and isolated per target.

Reviews (0)

No results found