> An enterprise-grade, AI-powered penetration testing automation CLI tool. Orchestrates multiple specialized AI agents (Planner, ToolAgent, Analyst, Reporter) backed by 4 AI providers (OpenAI, Claude, Gemini, OpenRouter) and 19 integrated security tools through YAML-defined workflows. Produces professional Markdown, HTML, or JSON security reports with full evidence capture and traceability.
Install with the open skills CLI (global, non-interactive — available in every Claude Code session):
npx skills add zakirkun/guardian-cli --skill "guardian-cli" -g -a claude-code -yOr manually — copy the SKILL.md below into:
~/.claude/skills/guardian-cli/SKILL.md---
name: guardian-cli
description: >
An enterprise-grade, AI-powered penetration testing automation CLI tool.
Orchestrates multiple specialized AI agents (Planner, ToolAgent, Analyst, Reporter)
backed by 4 AI providers (OpenAI, Claude, Gemini, OpenRouter) and 19 integrated
security tools through YAML-defined workflows. Produces professional Markdown, HTML,
or JSON security reports with full evidence capture and traceability.
---
# Guardian CLI – Skill Reference
## 1. Project Overview
**Guardian** (v2.0) is a Python 3.11+ CLI application that automates penetration testing workflows using a multi-agent AI system. It is designed for **authorized** security assessments only.
```
guardian-cli/
├── ai/ # AI provider integrations & prompt templates
│ ├── providers/ # base_provider, openai, claude, gemini, openrouter
│ └── prompt_templates/
├── cli/ # CLI entry-point (Typer) & commands
│ └── commands/ # init, scan, recon, analyze, report, workflow, ai, models
├── core/ # Multi-agent orchestration engine
│ ├── agent.py # BaseAgent
│ ├── planner.py # PlannerAgent – decides next test step
│ ├── tool_agent.py # ToolAgent – selects & executes tools
│ ├── analyst_agent.py # AnalystAgent – interprets tool output
│ ├── reporter_agent.py # ReporterAgent – generates final reports
│ ├── memory.py # PentestMemory, ToolExecution, Finding dataclasses
│ └── workflow.py # WorkflowEngine – top-level orchestrator
├── tools/ # 19 security-tool wrappers (one Python file each)
├── workflows/ # YAML workflow definitions (8 built-in)
├── utils/ # logger, scope_validator, helpers
├── config/ # guardian.yaml configuration file
├── reports/ # Output directory for generated reports & session state
└── docs/ # Guides (WORKFLOW_GUIDE, TOOLS_DEVELOPMENT_GUIDE, …)
```
---
## 2. Architecture
### 2.1 Agent Pipeline
```
Target Input
│
▼
WorkflowEngine.run_workflow() ──or── WorkflowEngine.run_autonomous()
│
├──► PlannerAgent.decide_next_action() — Strategic AI reasoning
│
├──► ToolAgent.execute_tool() — Runs the chosen security tool
│
├──► AnalystAgent.interpret_output() — Parses & links findings to executions
│
└──► ReporterAgent.execute() — Generates markdown / HTML / JSON report
```
Each agent inherits from `BaseAgent` and uses a shared `PentestMemory` object that stores:
| Store | Class | Purpose |
|---|---|---|
| `findings` | `Finding` | Vulnerabilities discovered |
| `tool_executions` | `ToolExecution` | Full command + raw output |
| `completed_actions` | `list[str]` | Phase progress tracker |
| `current_phase` | `str` | reconnaissance → scanning → analysis → reporting |
### 2.2 AI Provider Abstraction
All providers implement the same `BaseProvider` interface, making them interchangeable at runtime:
| Provider | Env Var | Default Model |
|---|---|---|
| `openai` | `OPENAI_API_KEY` | `gpt-4o` |
| `claude` | `ANTHROPIC_API_KEY` | `claude-3-5-sonnet-20241022` |
| `gemini` | `GOOGLE_API_KEY` | `gemini-2.5-pro` |
| `openrouter` | `OPENROUTER_API_KEY` | `anthropic/claude-3.5-sonnet` |
Switch provider via `config/guardian.yaml` or `--provider` CLI flag.
---
## 3. CLI Commands
Run with `python -m cli.main <command>` (or `guardian <command>` after installation).
| Command | Purpose |
|---|---|
| `init` | Create/validate `config/guardian.yaml` |
| `scan` | One-shot vulnerability scan on a target |
| `recon` | Passive / active reconnaissance |
| `analyze` | Re-analyze an existing session |
| `report` | Generate / re-generate a report for a session |
| `workflow list` | List available workflows |
| `workflow run` | Execute a named workflow against a target |
| `ai` | Query AI about a finding or custom prompt |
| `models` | List configured AI providers and models |
| `version` | Show version |
### Common Flags
```bash
--target <IP/domain/CIDR> # Required for scan/recon/workflow run
--provider <openai|claude|gemini|openrouter>
--name <workflow-name> # For workflow run
--format <markdown|html|json>
--session <SESSION_ID> # For report regeneration
```
---
## 4. Workflow System
### 4.1 Running a Workflow
```bash
# List available workflows
python -m cli.main workflow list
# Web penetration test
python -m cli.main workflow run --name web_pentest --target https://target.example.com
# Full network assessment
python -m cli.main workflow run --name network --target 192.168.1.0/24
# Autonomous AI-driven pentest
python -m cli.main workflow run --name autonomous --target example.com
```
### 4.2 Built-in Workflows
| File | Name | Description |
|---|---|---|
| `recon.yaml` | recon | Passive + active reconnaissance |
| `web_pentest.yaml` | web_pentest | HTTP discovery, vuln scan, report |
| `network_pentest.yaml` | network | Port scan, service detect, analysis |
| `advanced_recon.yaml` | advanced_recon | Deep subdomain + DNS enumeration |
| `full_vuln_scan.yaml` | full_vuln_scan | Comprehensive vulnerability sweep |
| `wordpress_audit.yaml` | wordpress_audit | WordPress-specific audit |
| `autonomous.yaml` | autonomous | AI-decides-everything mode |
### 4.3 Workflow YAML Schema
```yaml
name: my_workflow
description: "Short description"
steps:
- name: http_discovery
type: tool # tool | analysis | report
tool: httpx # tool name (must match tools/ wrapper)
objective: "Describe what to find"
parameters: # Override config/guardian.yaml defaults
tech_detect: true
threads: 100
- name: analyze
type: analysis
agent: analyst
objective: "Correlate findings"
- name: generate_report
type: report
# format defaults to config output.format
settings:
max_parallel_tools: 3
require_confirmation: true
save_intermediate: true
```
**Parameter Priority:** Workflow YAML > `config/guardian.yaml` > Tool defaults
### 4.4 Fuzzy Workflow Matching
The engine resolves `--name web` → `web_pentest.yaml` automatically using substring matching on the filename stem.
---
## 5. Integrated Security Tools (19)
| Category | Tools |
|---|---|
| **Network** | nmap, masscan |
| **Web Recon** | httpx, whatweb, wafw00f |
| **Subdomain / DNS** | subfinder, amass, dnsrecon |
| **Vulnerability** | nuclei, nikto, sqlmap, wpscan |
| **SSL/TLS** | testssl, sslyze |
| **Content Discovery** | gobuster, ffuf, arjun |
| **Security Analysis** | xsstrike, gitleaks, cmseek |
Each tool has a self-contained Python wrapper in `tools/<toolname>.py` that:
1. Builds the shell command from parameters
2. Executes it asynchronously (`asyncio` subprocess)
3. Returns `{"success": bool, "command": str, "raw_output": str, "exit_code": int, "duration": float}`
Guardian works with a subset of tools available; the AI adapts based on what is installed.
---
## 6. Configuration (`config/guardian.yaml`)
Key sections:
```yaml
ai:
provider: openai # Active provider
openai:
model: gpt-4o
api_key: null # Or set OPENAI_API_KEY env var
temperature: 0.2
max_tokens: 8000
pentest:
safe_mode: true # Disable destructive actions
require_confirmation: true
max_parallel_tools: 3
tool_timeout: 300 # seconds
output:
format: markdown # markdown | html | json
save_path: ./reports
verbosity: normal # quiet | normal | verbose | debug
scope:
blacklist: # Never scan these
- 127.0.0.0/8
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
```
---
## 7. Output & Evidence
Every scan session produces:
| File | Contents |
|---|---|
| `reports/report_<SESSION_ID>.md` | Full penetration test report |
| `reports/session_<SESSION_ID>.json` | Raw session state (findings, executions, phase) |
Evidence capture includes:
- **Execution ID** linked to every finding (`execution_id` field on `Finding`)
- **Full raw output** (up to 2000-char snippets) of every tool run
- **AI reasoning trace** embedded in reports (when `include_reasoning: true`)
Report formats are selected via the `output.format` config key or the `--format` CLI flag and map to file extensions `.md`, `.html`, `.json`.
---
## 8. Adding a New Tool
1. Create `tools/mytool.py` inheriting from `BaseTool` (see `tools/base_tool.py`)
2. Implement `async def run(self, target: str, **kwargs) -> dict`; return the standard result dict
3. Register the tool in `tools/__init__.py`
4. Reference it by name in any workflow YAML step (`tool: mytool`)
See `docs/TOOLS_DEVELOPMENT_GUIDE.md` for full documentation.
---
## 9. Adding a New AI Provider
1. Create `ai/providers/myprovider_provider.py` inheriting `BaseProvider` (`ai/providers/base_provider.py`)
2. Implement `async def complete(self, messages, system_prompt) -> dict`
3. Register in `ai/ai_client.py` provider factory
4. Add the config block to `config/guardian.yaml` under `ai:`
---
## 10. Development
```bash
# Setup
python -m venv venv
.\venv\Scripts\activate # Windows
pip install -e ".[dev]"
# Run
python -m cli.main --help
# Test
pytest tests/
# Lint / Format
black .
ruff check .
```
**Core dependencies:** `typer[all]`, `rich`, `langchain`, `langchain-google-genai`, `langchain-openai`, `langchain-anthropic`, `pyyaml`, `python-dotenv`, `pydantic`, `asyncio`, `aiofiles`, `jinja2`
---
## 11. Legal & Ethics
> ⚠️ Guardian is designed **exclusively** for authorized security testing and educational purposes.
> You are fully responsible for obtaining explicit written permission before testing any system.
> Unauthorized access is illegal (CFAA, GDPR, and equivalent laws worldwide).
Use when facing 2+ independent tasks that can be worked on without shared state or sequential dependencies
Use when encountering any bug, test failure, or unexpected behavior, before proposing fixes
Use when implementing any feature or bugfix, before writing implementation code