GitHub - edelauna/prompt2pwn: CLI Tool to Mount an LLM agent inside a CTF Chal Container


Automate CTF pwn challenges using Goose AI workflows in Docker. Secure nested env with MCP sidecar for xAI models.


Quick Start

  1. Install Docker.
  2. curl -fsSL https://raw.githubusercontent.com/edelauna/prompt2pwn/refs/heads/dev/install.sh | sh
  3. prompt2pwn launch --pwn-objective "Buffer overflow in login" --pwn-target http://target:8080

CLI

prompt2pwn [preflight|down|launch] [options]

Launch:

  • --pwn-objective <desc>: CTF description
  • --pwn-target <url>: Target
  • --pwn-info <hints>: Extra info
  • --yes: Skip prompts
  • --no-priv: Safer Docker
  • --verbose
  • --provider <name>: Set LLM provider (xai, google, openai, anthropic)
  • --tool <name>: Select goose, claude, or codex
  • [...extraArgs]: Goose cmds

Providers

Prompt2Pwn supports multiple LLM providers for Goose:

  • xai (default): Uses XAI Grok models. Requires XAI_API_KEY.
  • google: Uses Google Gemini. Requires GOOGLE_API_KEY. Default model: gemini-flash-lite-latest.
  • openai: Uses OpenAI models. Requires OPENAI_API_KEY. Default model: gpt-4.1-nano.
  • anthropic: Uses Anthropic Claude. Requires ANTHROPIC_API_KEY. Default model: claude-sonnet-4-5.

Set via --provider <name> or GOOSE_PROVIDER env var.

MCP sidecar uses XAI for search tools (optional), and Sourcegraph for code tools.

Examples:

prompt2pwn launch  # Interactive CTF
prompt2pwn launch --yes --pwn-objective "XSS vuln"
prompt2pwn launch --tool claude --resume
prompt2pwn launch --tool codex -- --full-auto
prompt2pwn preflight
prompt2pwn down

MCP Sidecar Configuration

The MCP sidecar provides search tools to Goose. By default, it includes:

  • Sourcegraph tools (if SOURCEGRAPH_TOKEN is configured): Code search and repository analysis tools.
  • Web and X/Twitter search tools (if XAI_API_KEY is configured): Real-time web search and social media analysis.

XAI_API_KEY is optional. If not provided, the MCP sidecar will start with only Sourcegraph tools available. You will be prompted during setup whether to configure the XAI key for full search capabilities.

To configure SOURCEGRAPH_TOKEN for code search tools, set it in your .env file or environment.
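
The provider and sidecar rules above can be checked before a launch. The following is an added example, not part of prompt2pwn: it reports which key the chosen provider needs and which sidecar tool groups the current environment would enable, without printing any secret value. The function names, the `sourcegraph` and `web-search` labels, and the assumption that an explicit provider argument takes precedence over GOOSE_PROVIDER are not from the project.

```shell
#!/bin/sh
# Added example (not prompt2pwn code): check the environment against the
# provider and MCP sidecar requirements listed in this README.

# required_key PROVIDER -> prints the env var name the README lists for it
required_key() {
  case "$1" in
    xai)       echo XAI_API_KEY ;;
    google)    echo GOOGLE_API_KEY ;;
    openai)    echo OPENAI_API_KEY ;;
    anthropic) echo ANTHROPIC_API_KEY ;;
    *)         return 1 ;;
  esac
}

# is_set NAME -> true if variable NAME is set and non-empty.
# NAME only ever comes from the fixed list above; the value is never printed.
is_set() {
  eval "[ -n \"\${$1:-}\" ]"
}

# sidecar_tools -> prints the tool groups the sidecar would expose
# (labels are this example's own, not the project's)
sidecar_tools() {
  tools=""
  is_set SOURCEGRAPH_TOKEN && tools="sourcegraph"
  is_set XAI_API_KEY && tools="${tools:+$tools }web-search"
  echo "${tools:-none}"
}

# check_env [PROVIDER] -> 0 ok, 1 required key missing, 2 unknown provider.
# Assumption: an explicit argument wins over GOOSE_PROVIDER; default is xai.
check_env() {
  provider="${1:-${GOOSE_PROVIDER:-xai}}"
  key=$(required_key "$provider") || {
    echo "unknown provider: $provider" >&2
    return 2
  }
  if ! is_set "$key"; then
    echo "missing $key for provider $provider" >&2
    return 1
  fi
  echo "provider=$provider key=$key sidecar=$(sidecar_tools)"
}
```

Source the file and run `check_env anthropic` before `prompt2pwn launch --provider anthropic`; a non-zero status means the launch would start without the key that provider requires.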

Installation

Recommended: See Quick Start

Windows:

Download the latest prompt2pwn-windows-amd64.exe from GitHub Releases and place it in a directory in your PATH.

Development:

git clone https://github.com/edelauna/prompt2pwn.git
cd prompt2pwn
deno task start

Architecture

graph TB
  Host --> Goose[Goose Container<br/>DinD + Goose AI]
  Goose --> WS["/workspace"]
  Goose --> Vol[goose-configs Vol]
  Host --> MCP[MCP-XAI Sidecar]
  MCP --> SG["Source code search<br/>(by sourcegraph)"]
  MCP --> Web["Web Search<br/>(by xai)"]

Features

  • CTF recipe orchestrator.
  • Bundled/external recipes.
  • Persistent configs and home volumes for Goose, Claude, and Codex.
  • Preflight checks.
  • See CONTRIBUTING.md