원클릭으로
recursive-improvement
Deterministic RSI pass — findings store signals → loop state mutations, refinement hints, improvement ledger.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Deterministic RSI pass — findings store signals → loop state mutations, refinement hints, improvement ledger.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Practitioner-elevated asset tracing patterns from SlowMist Crypto-Asset-Tracing-Handbook. Provides canonical property tables for obfuscation patterns (peel chains, mixers, bridge hops), address behavior clustering/risk profiling, cross-chain reconstruction workflows. Hard-first on behavioral + flow invariants. Integrates with codegraph-x-ray, deep-dive-handoff, and bounty forensics. Includes reference implementation for mixer deposit/withdrawal clustering. Trigger: alpha-miner on tracing handbook or similar.
Drop-in skill adapted from Glider query engine for static analysis, taint tracking, CFG/DFG traversal in bug bounty. Supports lazy reference loading, creativity layer for audited targets, integrates with bounty-loop. EVM priority with Solana compatibility.
Use for mining validator/runtime/cache/storage-key coherence bugs in blockchain clients, VMs, program loaders, bridge runtimes, and execution harnesses. Hard-first on stale cache, recycled identifier, partial flush, epoch/generation drift, mempool/order-dependent runtime state, and storage-key confusion. Trigger on runtime cache invariant, stale cache bug, VM storage confusion, client cache coherence, Aptos-style hijack, validator-local state, epoch-boundary bug, or when alpha-miner extracts runtime/client exploit engineering.
Cross-references a graphified target codebase (codegraph-x-ray output) against the local AuditVault corpus to surface structurally analogous historical vulnerabilities. Run after codegraph-x-ray has completed and produced invariants.md and property_candidates.md. Produces ranked pattern-match hits with per-finding graph anchor evidence. Pattern matches are advisory signals only — never evidence of exploitability and never a substitute for live reproduction or submission-gate validation.
Combines structured codegraph intelligence with rigorous invariant synthesis. Enforces high-quality usage of codegraph to identify the Primary Target Subsystem, then applies ordered structural invariant discovery with strict verification gates. Produces categorized invariants and high-quality property candidates ready for ultrafuzz-discovery. Trigger on codegraph-x-ray, x-ray with codegraph, invariant synthesis, primary subsystem invariants.
Optional accelerator and scaffolder for ultrafuzz-discovery. Brings parallel specialized invariant discovery agents, automated harness/handler scaffolding, coverage-driven refinement loops, property tagging, and reproducible test generation helpers from high-quality EVM fuzz patterns. Designed to speed up property fan-in and executable attempts phases while preserving NSS rigor, fresh-context pass@k, adjudication, and Crucible usage. Trigger on fuzz-scaffolder, accelerate invariant discovery, generate fuzz harness, scaffold handlers.
| name | recursive-improvement |
| description | Deterministic RSI pass — findings store signals → loop state mutations, refinement hints, improvement ledger. |
No LLM in this layer. Reads findings store + loop outcomes; writes bounded state updates and improvement_ledger.jsonl.
Runs automatically at end of each bounty loop tick. Use this skill for standalone analysis or post-cron triage.
| Action | Trigger | Effect |
|---|---|---|
repeat_fingerprint | Same top-findings hash as prior run on slug | Log + extend cooldown |
extend_cooldown | Repeat fingerprint | +12h per repeat (max 72h) |
queue_refinement | Grade 1–2 survivors, survival ≥ 0.4 | refinement_queue + refinement_hints.json |
plateau_template | Catalogue analogue grade ≥ 4 | template_plateaus[slug] |
boost_scan_priority | Refinement candidates in store | scan_boost_slugs |
config_fallback | Fork catalogue-only | config_hints[slug] → semantic recon or novel config |
failure_trace | Repeated PoC/probe failure fingerprint | failure_signatures.jsonl + semantic recon task |
.venv/bin/python -m night_shift_security.cli.main improve
cat data/security_results/loop/refinement_hints.json
tail -5 data/security_results/knowledge/improvement_ledger.jsonl
jq '.refinement_queue, .cooldown_overrides' data/security_results/loop/state.json
Summarize execution failures when trace files exist:
.venv/bin/python -m night_shift_security.cli.main traces summarize --slug <slug>
If refinement_hints.json has a top entry:
# Kamino campaign path (coordinator state):
.venv/bin/python hermes/scripts/nss-write-proposals.py
# Or scoped cross-target:
.venv/bin/python hermes/scripts/nss-write-scan-proposals.py --slug <slug>
Then re-run bounty loop with --proposals data/security_results/hermes_proposals/latest.json.
Log: which RSI actions fired, cooldown deltas, refinement queue changes. Same vs different vs prior tick.
validate_hypothesis() or evidence grading.config_hints are advisory — Day Shift or next loop tick decides config swap.refinement_seeds_from_store() — same grade 1–2 band.