Adversarial Intelligence Engine for CI/CD Pipelines
Project description
Crucible
Your CI/CD pipeline has failure modes it has never encountered.
Crucible finds them before production does.
Adversarial agents attack your workflows. The ones that find failures survive. The ones that don't, die. Every run produces a replayable trace. Every trace compounds into operational foresight.
This is not a testing framework. It is evolutionary pressure applied to your infrastructure.
What Crucible found
Attacked the official GitHub Actions Node.js CI starter workflow — the template used by millions of repos.
Score: 75.9/100 (B). Four weaknesses found:
| # | Finding | Attack | Blast radius |
|---|---|---|---|
| 1 | DATABASE_URL=null caused silent pipeline crash |
env |
checkout → install → deploy |
| 2 | API_KEY has no validation — null injection propagates past 3 steps |
env |
all authenticated steps |
| 3 | No retry logic on git checkout — one connection reset kills the run |
network |
entire pipeline |
| 4 | node version unpinned — any major bump breaks the build silently |
dependency |
install → build → test |
Timing agent found nothing. It went extinct.
💀 AGENT OBITUARY
Species: timing Agent: agent_timing_cef5f0e0
Mutations: 5 | Failures triggered: 0 | Fitness: 2.5
Cause: FITNESS COLLAPSE
See it
Quick start
pip install crucible-gym
# Demo (no workflow file needed)
crucible attack --demo --rich
# Attack a real workflow
crucible attack --target .github/workflows/ci.yml --rich
Attack types
| Attack | What it targets |
|---|---|
timing |
Delays, race conditions, timeout assumptions |
env |
Environment variable validation |
reorder |
Hidden step dependency order |
network |
Retry logic, timeout handling |
dependency |
Version pinning, lockfile coverage |
Full documentation
See crucible/README.md for the complete reference: all commands, resilience scoring breakdown, evolutionary mechanics, shadow agents, replayable traces, GitHub PR integration, web dashboard, and architecture.
License
Apache 2.0 — see LICENSE
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file crucible_gym-0.1.0.tar.gz.
File metadata
- Download URL: crucible_gym-0.1.0.tar.gz
- Upload date:
- Size: 58.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e0d1adbe6daaf97028ab7e32914226ead750547ffda1a7a9757dc2bd0a68b4a2
|
|
| MD5 |
065ccfa0b18700e4c14f2617e71270f6
|
|
| BLAKE2b-256 |
687c1d74a2eabe4e843bea7177df6ecef81bc3f2c690506ec43449f53796a51a
|
File details
Details for the file crucible_gym-0.1.0-py3-none-any.whl.
File metadata
- Download URL: crucible_gym-0.1.0-py3-none-any.whl
- Upload date:
- Size: 66.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
7ff2a24048cbd41b60f53c964e467af6253e546f66c0bb37f79463a472d6e15d
|
|
| MD5 |
6411ec796022113503f5f3b470f7fa71
|
|
| BLAKE2b-256 |
ddf9a4965682c92eb754cfcc82c6fdfc359205420aba7f26631530abb9338582
|