{"tasks":[{"id":"easy","name":"Startup Web App Audit","description":"Basic security audit of a small startup's web application. 2 hosts, 3 known vulnerabilities.","difficulty":"easy","max_steps":30},{"id":"medium","name":"E-commerce Platform Audit","description":"Security compliance audit of an e-commerce platform. 4 hosts, 6 vulnerabilities including chained attacks.","difficulty":"medium","max_steps":50},{"id":"hard","name":"Enterprise SOC2 Pre-Audit","description":"Full-scope pre-SOC2 audit of enterprise infrastructure. 6 hosts, 10 vulnerabilities, honeypots, and time pressure.","difficulty":"hard","max_steps":60}],"action_schema":{"additionalProperties":false,"description":"Action for the Security Audit environment.\n\nThe agent interacts via tool calls — discover hosts, scan services,\ntest for vulnerabilities, submit findings, and generate reports.","properties":{"metadata":{"additionalProperties":true,"description":"Additional metadata for the action","title":"Metadata","type":"object"},"action_type":{"description":"Type of action to take","enum":["list_tools","use_tool","submit_finding","spawn_subagent","return_to_parent","generate_report"],"title":"Action Type","type":"string"},"tool_name":{"anyOf":[{"type":"string"},{"type":"null"}],"default":null,"description":"Tool to invoke (required when action_type='use_tool')","title":"Tool Name"},"arguments":{"additionalProperties":true,"description":"Tool-specific arguments","title":"Arguments","type":"object"}},"required":["action_type"],"title":"SecurityAuditAction","type":"object"},"tools":["network_scan","service_fingerprint","web_crawl","vulnerability_scan","test_injection","test_xss","test_auth","test_config","test_crypto","check_secrets"]}