在 GitHub 上看到 Learn Harness Engineering 这门开源课程，教我们给 AI 编程助手搭建一套可靠的工作环境。 围绕 AI 构建指令、状态、验证、范围、会话五大机制，让每次任务都有据可查、可接续、可验证。 GitHub：github.com/walkinglabs/le… 课程包含 12 节理论课和 6

An AI red-team agent for authorized labs and web app pentesting workflows. Turns Claude Code / OpenCode / Codex into a structured recon → test → exploit → report workflow, with containerized tools and resumable state. github.com/NeoTheCapt/Red…

github.com/0xSteph/pentes…

Bug Hunter: Turn Any AI Coding Agent into an Adversarial Security Reviewer 🐛⚔️ Triage → Recon → Hunt → Skeptic → Referee → Auto-Fix → Verify Finds real bugs, kills false positives, and safely patches code with CVE, STRIDE & CVSS context — built for devs who don’t trust

分享一个工程手绘风格Skill 模型使用GPT image 2 研究了好几天，觉得特别清爽舒适 提示词： - 纯白色背景，大量留白 - 工程图纸线条风格（细腻、精确） - 手写体标题（深灰色） - 工程标注方式展示步骤 - 淡蓝色、淡绿色、淡橙色水彩点缀（高透明度） - 类似苹果/特斯拉产品设计手稿的现代感 -

A vulnerable MCP server - github.com/BishopFox/otto… The otto-support capture-the-flag (CTF) is a set of hands-on AI security challenges that simulate how modern AI agents interact with tools, internal services, and local environments. As you progress, you’ll move across multiple

转译：深度拆解 Hermes Agent 的记忆系统：它如何修正 OpenClaw 的误区 如果你读过我之前关于 ChatGPT、Claude 以及 Clawdbot 记忆系统的文章，你就会知道我一直在钻研同一个问题：这些 AI 智能体（AI Agent）到底是怎么记事的？ Hermes Agent

这样就可以让claude越狱codex 了。安全没有任何用

A step-by-step guide to build your own AI agent. github.com/czl9707/build-…

Auditing Sabotage Bench - arxiv.org/pdf/2604.16286 As AI systems are increasingly used to conduct research autonomously, misaligned systems could introduce subtle flaws that produce misleading results while evading detection. We introduce Auditing Sabotage Bench, a benchmark for

Helping AI Agent become an awesome practical hacker! github.com/yaklang/hack-s…

不管你用的啥模型， 推荐一份CLAUDE.md 来自Andrej Karpathy skills和X爆火的agent工作流，可以直接复制，包含Agent整体约束、工作流编排和任务管理⤵️

Offensive Security: Speeding Up AD Pentests hackers-arise.com/offensive-secu…

最新支持了gh0st bits github.com/0x727/BypassPr…

Guardian — AI-Powered Penetration Testing Automation Platform 💀🔥 Multi-agent AI + 19 security tools working together for adaptive assessments. Full evidence capture, real command traceability, and professional reporting. Built for authorized red team operations.

learn.microsoft.com/en-us/azure/fo… by #microsoft

GitHub 上 SpineDigest 这个开源工具，能把整本书提炼成结构化的精华内容，而且可以按自己的阅读目的来决定保留什么。 它的处理思路挺有意思的，先让 AI 逐章提取关键知识点，再用算法构建知识图谱把相关概念串联起来。 最后通过多个 AI 角色「答辩式」对抗生成最终摘要，确保不会遗漏重要内容。