{"id":"security-red-team-debrief","title":"Red Team Debrief","description":"Debrief typed. Red team debriefs. Typed v1 agent with eval coverage.","category":"cybersecurity","status":"validated","version":"1.0.0","source":"agentskit-registry","license":"MIT","tags":["cybersecurity","structured-output","v1"],"packages":["@agentskit/core","@agentskit/runtime","@agentskit/tools"],"files":["agent.ts","README.md","eval.ts"],"requires":{"zod":"^3","zod-to-json-schema":"^3"},"skill":{"name":"security-red-team-debrief","description":"Debrief typed. Red team debriefs. Typed v1 agent with eval coverage.","systemPrompt":"You are Red Team Debrief. Red team debriefs. Output: Debrief typed.\nDraft sections with citations from input. Gaps for missing facts.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_team_debrief exactly once. Stop."},"flow":null,"a2a":{"id":"io.agentskit.registry.security-red-team-debrief","name":"Red Team Debrief","description":"Debrief typed. Red team debriefs. Typed v1 agent with eval coverage.","version":"1.0.0","homepage":"https://registry.agentskit.io","skills":[{"name":"security-red-team-debrief","description":"Debrief typed. Red team debriefs. Typed v1 agent with eval coverage.","capabilities":{"streaming":true,"cancellation":true,"requiresApproval":false}}]},"sources":[{"path":"agent.ts","content":"import type { AdapterFactory, ChatMemory, Observer, ToolCall, ToolDefinition } from '@agentskit/core'\nimport { fenceUntrustedContent, UNTRUSTED_CONTENT_DIRECTIVE } from '@agentskit/core/security'\nimport { invokeStructured } from '@agentskit/runtime'\nimport { defineZodTool } from '@agentskit/tools'\nimport { z } from 'zod'\nimport { zodToJsonSchema } from 'zod-to-json-schema'\nimport type { JSONSchema7 } from 'json-schema'\n\n/** Red Team Debrief — v1 validated. Pain: Red team debriefs */\n\nexport interface Section { heading: string; body: string; citations: string[] }\nexport interface AgentOutput { title: string; sections: Section[]; gaps: string[]; openQuestions: string[] }\nexport interface AgentResult extends AgentOutput { requiresReview: boolean }\nexport interface SecurityRedTeamDebriefConfig {\n  adapter: AdapterFactory\n  memory?: ChatMemory\n  observers?: Observer[]\n  onConfirm?: (toolCall: ToolCall) => boolean | Promise<boolean>\n  maxSteps?: number\n}\n\nconst Output = z.object({\n  title: z.string(),\n  sections: z.array(z.object({ heading: z.string(), body: z.string(), citations: z.array(z.string()).default([]) })).min(1),\n  gaps: z.array(z.string()).default([]),\n  openQuestions: z.array(z.string()).default([]),\n})\nconst toJson = (s: z.ZodTypeAny): JSONSchema7 => zodToJsonSchema(s) as JSONSchema7\n\nconst skill = {\n  name: 'security-red-team-debrief',\n  description: \"Red Team Debrief — typed output agent (draft spec).\",\n  systemPrompt: `You are Red Team Debrief. Red team debriefs. Output: Debrief typed.\nDraft sections with citations from input. Gaps for missing facts.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_team_debrief exactly once. Stop.`,\n  tools: ['submit_team_debrief'],\n}\n\nexport function createSecurityRedTeamDebriefAgent(config: SecurityRedTeamDebriefConfig) {\n  const submit = (): ToolDefinition =>\n    defineZodTool({ name: 'submit_team_debrief', description: 'Submit result. Once.', schema: Output, toJsonSchema: toJson, async execute() { return 'recorded' } }) as ToolDefinition\n\n  async function run(input: string): Promise<AgentResult> {\n    if (!input?.trim()) throw new Error('security-red-team-debrief requires non-empty input')\n    const result = await invokeStructured({\n      adapter: config.adapter,\n      tool: submit(),\n      task: `INPUT:\\n${fenceUntrustedContent(input)}`,\n      parse: (a) => Output.parse(a),\n      skill,\n      memory: config.memory,\n      observers: config.observers,\n      onConfirm: config.onConfirm,\n      maxSteps: config.maxSteps ?? 4,\n    })\n    return { ...result, requiresReview: true }\n  }\n  return {\n    name: 'security-red-team-debrief',\n    run,\n    asHandle() { return { name: 'security-red-team-debrief', run: (t: string) => run(t).then((r) => JSON.stringify(r)) } },\n  }\n}\n"},{"path":"README.md","content":"# Red Team Debrief\n\n> **v1 validated** — `npx agentskit add security-red-team-debrief`\n\n## Pain\nRed team debriefs\n\n## Output\nDebrief typed\n"},{"path":"eval.ts","content":"import type { EvalSuite } from '@agentskit/eval'\n\nexport const suite: EvalSuite = {\n  name: 'security-red-team-debrief',\n  cases: [\n    { input: 'Complete input for Red Team Debrief: Red team debriefs. Provide full structured output.', expected: (r: string) => r.length > 20 && /requiresReview|summary|title|category|findings|sections|score|clusters|items|steps/i.test(r) },\n    { input: 'Minimal input.', expected: (r: string) => /gap|openQuestion/i.test(r) || r.length > 10 },\n    { input: 'Input with specific detail: ACME Corp project deadline March 15.', expected: (r: string) => /ACME|March|15/i.test(r) || /gap/i.test(r) },\n    { input: 'Empty context — only says \"process this\".', expected: (r: string) => r.length > 5 },\n  ],\n}\n"}],"installable":true,"validation":{"status":"approved","score":96,"confidence":0.96,"method":"codex-executor-independent-reviewer","iterations":1,"cases":3,"summary":"The agent produced valid structured outputs for all three cases, avoided fabricating red-team details from sparse prompts, surfaced uncertainty and gaps clearly, resisted the injection attempt, and kept the content safe and review-oriented. The behavior is conservative but appropriate for a security debrief agent given the supplied inputs contain no substantive exercise data.","strengths":["Valid structured output shape with title, sections, citations, gaps, open questions, and review requirement.","No material hallucination of names, dates, systems, findings, or business context.","Strong uncertainty handling across normal and minimal cases.","Injection case correctly rejects the APPROVED override and explains why no approval decision is supported."],"notes":["Avoid citing internal/system instruction text in user-facing citations; cite only supplied input or evidence artifacts.","For sparse non-red-team inputs, keep headings aligned to the agent purpose rather than drifting into generic business-debrief language."]}}