Two Upgrades To make it alive: Adaptive Skills + Sandboxed Exploit Runtime
Halo just got smarter and more flexible in the same session — here’s what shipped.
- Adaptive Skill Injection Inspired by patterns I studied in Strix (usestrix/strix), Halo’s agent loop now dynamically loads relevant attack playbooks into the prompt based on the current goal — instead of relying on one static system prompt for every task.
Skills live as markdown files organized by category (vulnerabilities/, frameworks/, technologies/, protocols/, cloud/, reconnaissance/, custom/), each with a name and description in the header. When the agent gets a goal like “find SQL injection in the login form,” it scans for keyword matches, pulls in the relevant skill content, and injects it straight into the model’s context before the tool chain gets generated.
First live test: given a SQL injection goal, the agent correctly selected run_sqlmap as its tool of choice — reasoning informed by the injected playbook, not a generic guess.
- Sandboxed Exploit Runtime (run_exploit)
Halo’s tool arsenal is now at 24 tools, with the newest addition being a custom Python exploit runtime. Instead of being limited to the fixed toolset, the agent can now write and execute small proof-of-concept scripts on the fly — each one run in an isolated subprocess with a hard timeout, so a broken or hanging script can’t take down the whole agent.
Tested live against the running MCP server:
{"status":"success","stderr":"","stdout":"Hello from the sandbox"}
Clean execution, sandboxed, logged like every other tool call.
What’s Next
Multi-agent orchestration is on the radar — specialized agents coordinating on recon, exploitation, and reporting in parallel.
For now: adaptive skills, sandboxed exploitation, 24 tools deep. Onward.
Top comments (4)
Wow 🦄, Halo really improved with that skill injection! For example, if I have a file called hello.txt containing the text 'Hello Halo!', and I prompt it to 'Check my file for greetings!', it will directly find hello.txt. That’s brilliant. Better UX equals more power! You really did well. 👏🏻
All discussions and PR's as well as suggestions welcomed . See anything that you like? Leave us a star or just jump in and collab/contribute.
github.co/XenoCoreGiger31/GEMMA-by-GOOGLE
I think your work is high quality, so I also starred the repo 🌟!