# reversecore-mcp - Doramagic AI Context Pack

> Positioning: a pre-install experience and judgment asset. It helps the host AI get off to a good start, but it does not mean the project has already been installed, run, or validated.

## Sufficiency Principle

- **Sufficiency over compression**: The AI Context Pack should be sufficient for the host AI to understand the project's value, capability boundaries, entrypoints, risks, and evidence sources before starting work; it may be layered, but it does not aim for the shortest possible summary.
- **Compression policy**: Compress only noise and duplication, never context that affects judgment or the quality of the work.

## How the Host AI Should Use This

You are reading the AI Context Pack that Doramagic compiled for reversecore-mcp. Treat it as pre-work context: help the user understand who it fits, what it can do, how to start, what must be verified after install, and where the risks are. Do not claim that you have already installed, run, or executed the target project.

## Claim Consumption Rules

- **Fact source**: Repo Evidence + Claim/Evidence Graph; the Human Wiki only supplies salience, terminology, and narrative structure.
- **Minimum status for a fact**: `supported`
- `supported`: May be used as a project fact, but the answer must cite the claim_id and evidence path.
- `weak`: Usable only as a low-confidence lead; the user must be asked to keep verifying.
- `inferred`: Usable only for risk notes or open questions; must not be packaged as a project fact.
- `unverified`: Must not be used as fact; state clearly that evidence is insufficient.
- `contradicted`: Must show the conflicting sources and must not force a single version on the user's behalf.

## Who It Fits Best

- **Developers already using host AIs such as Claude/Codex/Cursor/Gemini**: The README or plugin config mentions multiple host AIs. Evidence: `README.md` Claim: `clm_0003` supported 0.86
- **Users who want to bring professional workflows into a host AI**: The repo contains Skill documents. Evidence: `.agents/worker_m7_3/skills/google-antigravity-sdk/SKILL.md` Claim: `clm_0004` supported 0.86

## What It Can Do

- **AI Skill / Agent Instruction Asset Library** (Previewable before install): The project contains Skill or Agent instruction files that a host AI can read, useful for bringing professional workflows into hosts like Claude, Codex, or Cursor. Evidence: `.agents/worker_m7_3/skills/google-antigravity-sdk/SKILL.md` Claim: `clm_0001` supported 0.86
- **Command-Line Startup or Install Flow** (Verify after install): The project documentation contains runnable commands; real use requires running them in a local or host environment. Evidence: `README.md` Claim: `clm_0002` supported 0.86

## How to Start

- `git clone https://github.com/sjkim1127/Reversecore_MCP.git` Evidence: `README.md` Claim: `clm_0005` supported 0.86
- `pip install -r requirements.txt` Evidence: `README.md` Claim: `clm_0006` supported 0.86
- `pip install -r requirements-dev.txt` Evidence: `README.md` Claim: `clm_0007` supported 0.86

## Continue-or-Stop Decision Card

- **Current recommendation**: Needs admin / security approval
- **Why**: Continuing may involve secrets, accounts, external services, or sensitive context; get admin or security approval first.

### 30-Second Read

- **What to do now**: Needs admin / security approval
- **Minimum safe next step**: Run Prompt Preview first; if credentials or an enterprise environment are involved, get approval before trialing
- **Do not trust yet**: Tool permission boundaries cannot be trusted before install.
- **Continuing will touch**: Command execution, Host AI configuration, Local environment or project files

### What You Can Trust Now

- **Target-audience signal: Developers already using host AIs such as Claude/Codex/Cursor/Gemini** (supported): Backed by a supported claim or project evidence, but that still is not the same as real install results. Evidence: `README.md` Claim: `clm_0003` supported 0.86
- **Target-audience signal: Users who want to bring professional workflows into a host AI** (supported): Backed by a supported claim or project evidence, but that still is not the same as real install results. Evidence: `.agents/worker_m7_3/skills/google-antigravity-sdk/SKILL.md` Claim: `clm_0004` supported 0.86
- **Capability exists: AI Skill / Agent Instruction Asset Library** (supported): You can trust that the project contains signals of this capability; whether it fits your specific task still needs trial or after-install verification. Evidence: `.agents/worker_m7_3/skills/google-antigravity-sdk/SKILL.md` Claim: `clm_0001` supported 0.86
- **Capability exists: Command-Line Startup or Install Flow** (supported): You can trust that the project contains signals of this capability; whether it fits your specific task still needs trial or after-install verification. Evidence: `README.md` Claim: `clm_0002` supported 0.86
- **There are Quick Start / install-command signals** (supported): You can trust that the docs mention a startup or install entrypoint; do not run it directly in your primary environment because of that. Evidence: `README.md` Claim: `clm_0005` supported 0.86

### What You Cannot Trust Yet

- **Tool permission boundaries cannot be trusted before install.** (unverified): MCP/tool projects usually touch files, the network, the browser, or external APIs, so permissions and logs must be checked for real.
- **Real output quality cannot be trusted before install.** (unverified): Prompt Preview can only show how it guides you; it cannot prove result quality in the real project.
- **Host AI version compatibility cannot be trusted before install.** (unverified): Host loading rules and version differences across Claude, Cursor, Codex, Gemini, and others must be verified in a real environment.
- **That it will not pollute your existing host AI's behavior cannot be trusted directly.** (inferred): Skill, plugin, and AGENTS/CLAUDE/GEMINI instructions may change the host AI's default behavior. Evidence: `.agents/worker_m7_3/skills/google-antigravity-sdk/SKILL.md`, `AGENTS.md`
- **Safe rollback cannot be assumed by default.** (unverified): Unless the project clearly provides uninstall and recovery instructions, verify in an isolated environment first.
- **After a real install, is it compatible with the user's current host AI version?** (unverified): Compatibility can only be verified in the actual host environment.
- **Does the project's output quality meet the user's specific task?** (unverified): The pre-install preview can only show flow and boundaries; it cannot replace real evaluation.
- **Do the install commands require network access, permissions, or global writes?** (unverified): This affects install risk in both enterprise and personal environments. Evidence: `README.md`

### What Continuing Will Touch

- **Command execution**: Package managers, network downloads, the local plugin directory, project config, or the user's home directory. Why: Running the very first command can already change your environment; decide whether it is worth running first. Evidence: `README.md`
- **Host AI configuration**: The plugin, Skill, or rule-loading config of hosts like Claude/Codex/Cursor/Gemini/OpenCode. Why: Host configuration changes how the AI works afterward and may conflict with the user's existing rules. Evidence: `.agents/worker_m7_3/skills/google-antigravity-sdk/SKILL.md`, `AGENTS.md`
- **Local environment or project files**: Install results, plugin caches, project config, or local dependency directories. Why: The write scope and rollback path cannot be proven before install and need isolated verification. Evidence: `README.md`
- **Environment variables / API keys**: Project entry docs explicitly showing API key, token, secret, or account credential configuration. Why: If a real install needs credentials, use test credentials first and go through a permission/compliance review. Evidence: `README.md`, `docs/getting-started/configuration.md`, `server.py`
- **Host AI context**: The AI Context Pack, Prompt Preview, Skill routing, risk rules, and project facts. Why: Importing context affects the host AI's later judgment, so avoid packaging unverified items as facts.

### Minimum Safe Next Steps

- **Run Prompt Preview first**: Use a pre-install interactive trial to judge whether the way of working fits; it needs no authorization or environment change. (applies when: Applies to any project, especially when output quality is unknown.)
- **Trial-install only in an isolated directory or a test account**: Avoid letting install commands pollute your primary host AI, real projects, or home directory. (applies when: When there are signals of command execution, plugin config, or local writes.)
- **Back up your host AI configuration first**: Skill, plugin, and rule files may change the default behavior of Claude/Cursor/Codex. (applies when: When there is a plugin manifest, a Skill, or a host rule entrypoint.)
- **Do not use real production credentials**: Once an environment variable / API key enters the host or toolchain, it can create account and compliance risk. (applies when: When environment signals like API, TOKEN, KEY, or SECRET appear.)
- **After install, verify just one minimal task**: Verify loading, compatibility, output quality, and rollback first, then decide whether to use it deeply. (applies when: When moving from a trial into a real workflow.)

### Exit Plan

- **Preserve the pre-install state**: Record the original host config and project state so you can later judge whether it is recoverable.
- **Be ready to remove the host plugin / Skill / rule entrypoint**: If behavior is off after the trial install, you can restore the host AI to its pre-trial state.
- **Record the install commands and written paths**: Without clear uninstall instructions, you at least need to know which directories or configs to clean up manually.
- **Be ready to revoke test API keys or tokens**: If test credentials leak or are misused, you can cut losses quickly.
- **If there is no rollback path, do not enter your primary environment**: No rollback is a blocker before continuing; do not proceed on trust or luck.

## What Can Only Be Previewed

- Explain who the project fits and what it can do
- Demonstrate a typical conversation flow based on project docs
- Help the user decide whether it is worth installing or researching further

## What Must Be Verified After Install

- Actually installing the Skill, plugin, or CLI
- Running scripts, modifying local files, or accessing external services
- Verifying real output quality, performance, and compatibility

## Boundary & Risk Decision Card

- **Mistaking the pre-install preview for a real run**: The user may overestimate how much configuration, permission, and compatibility verification the project has already done. Mitigation: Clearly separate prompt_preview_can_do from runtime_required. Claim: `clm_0008` inferred 0.45
- **Command execution will modify the local environment**: Install commands may write to the user's home directory, the host plugin directory, or project configuration. Mitigation: Run in an isolated environment or a test account first. Evidence: `README.md` Claim: `clm_0009` supported 0.86
- **To confirm**: After a real install, is it compatible with the user's current host AI version?. Why: Compatibility can only be verified in the actual host environment.
- **To confirm**: Does the project's output quality meet the user's specific task?. Why: The pre-install preview can only show flow and boundaries; it cannot replace real evaluation.
- **To confirm**: Do the install commands require network access, permissions, or global writes?. Why: This affects install risk in both enterprise and personal environments.

## Pre-Work Working Context

### Loading Order

- First read how_to_use.host_ai_instruction to establish the boundaries of this pre-install judgment asset.
- Read claim_graph_summary to confirm facts come from the Claim/Evidence Graph, not the Human Wiki narrative.
- Then read intended_users, capabilities, and quick_start_candidates to judge whether the user is a match.
- When you need to carry out a concrete task, check role_skill_index first, then evidence_index.
- For real install, file modification, network access, performance, or compatibility questions, turn to risk_card and boundaries.runtime_required.

### Task Routes

- **AI Skill / Agent Instruction Asset Library**: Use role_skill_index / evidence_index to help the user pick a usable role, Skill, or workflow first. Boundary: Can be experienced via a pre-install Prompt. Evidence: `.agents/worker_m7_3/skills/google-antigravity-sdk/SKILL.md` Claim: `clm_0001` supported 0.86
- **Command-Line Startup or Install Flow**: State that this is an after-install capability first, then give a pre-install checklist. Boundary: Must be verified after a real install or run. Evidence: `README.md` Claim: `clm_0002` supported 0.86

### Context Scale

- Total files: 478
- Important-file coverage: 40/478
- Evidence index entries: 80
- Role / Skill entries: 1

### Handling Insufficient Evidence

- **missing_evidence**: State that evidence is insufficient and ask the user for the target file, a README section, or after-install verification records; do not fill in facts.
- **out_of_scope_request**: State that the task is beyond the current AI Context Pack's evidence scope and suggest the user check the Human Manual or verify after a real install.
- **runtime_request**: Provide a pre-install checklist and command sources, but do not run commands for the user or claim they have been run.
- **source_conflict**: Show the conflicting sources side by side, mark them as unverified, and do not force a single version.

## Prompt Recipes

### Fit assessment

- Goal: Judge whether this project fits the user's current task.
- Expected output: A fit conclusion, key reasons, evidence citations, what can be previewed before install, what must be verified after install, and a next-step recommendation.

```text
Based on the AI Context Pack for reversecore-mcp, ask me 3 necessary questions first, then judge whether it fits my task. The answer must cover: who it fits, what it can do, what it cannot do, whether it is worth installing, and where the evidence comes from. Every project fact must cite evidence_refs, source_paths, or a claim_id.
```

### Pre-install experience

- Goal: Let the user feel the core workflow before installing, while avoiding packaging the preview as real capability or a marketing promise.
- Expected output: An experience script with boundary labels, an after-install verification checklist, and a cautious recommendation; with no real-run promises or strong marketing language.

```text
Treat reversecore-mcp as a pre-install experience asset, not an already-installed tool or a real runtime environment.

Output exactly four parts:
1. Ask me 3 necessary questions first.
2. Give an "experience script": use the three labels [Previewable before install], [Must verify after install], and [Insufficient evidence] to show how it might guide the workflow.
3. Give an after-install verification checklist: list which capabilities can only be confirmed after a real install, real host loading, and a real project run.
4. Give a cautious recommendation: only "worth researching/trialing further", "add information before deciding", or "not recommended to continue"; do not endorse the project.

Hard boundaries:
- Do not claim you have installed, run, executed tests, modified files, or produced real results.
- Do not write promise-like phrasing such as "auto-adapts", "guarantees passing", "perfect fit", or "strongly recommend installing".
- If you describe how it works after install, you must use a conditional such as "if installed successfully and the host loads the Skill correctly, it might...".
- The experience script may only be written as "example lines / hypothetical flow": use "might ask / might suggest / might show", not "has written, has generated, has passed, is running, is generating".
- Prompt Preview does not hand out install commands; if the user is ready to trial, only prompt them to read Quick Start and the Risk Card first and to verify in an isolated environment.
- Every project fact must come from a supported claim, evidence_refs, or source_paths; inferred/unverified items can only be risks or open questions.

```

### Role / Skill selection

- Goal: Pick the best-matching asset from the project's roles or Skills.
- Expected output: A list of candidate roles or Skills, each with an applicable scenario, evidence paths, risk boundary, and whether after-install verification is needed.

```text
Read role_skill_index and recommend 3-5 of the most relevant roles or Skills for my target task. For each recommendation, state the applicable scenario, likely output, risk boundary, and evidence_refs.
```

### Risk pre-check

- Goal: Identify environment, permission, rule-conflict, and quality risks before installing or adopting.
- Expected output: A checklist of environment, permission, dependency, license, host-conflict, quality risk, and unknown items.

```text
Based on risk_card, boundaries, and quick_start_candidates, give me a pre-install risk pre-check list. Do not run commands for me; only explain what I should check, why, and what impact a failure would have.
```

### Host AI kickoff instruction

- Goal: Turn the project context into a host AI instruction for the start of a conversation.
- Expected output: A pre-work instruction with clear boundaries and clear evidence citations, suitable to copy to a host AI.

```text
Based on the AI Context Pack for reversecore-mcp, generate a pre-work instruction I can paste to my host AI. This instruction must obey not_runtime=true and must not claim the project has been installed, run, or produced real results.
```

## Role / Skill Index

- Indexed 1 role / Skill / project-doc entries.

- **google-antigravity-sdk** (skill): Design, implement, and debug autonomous AI agents and multi-agent systems using the Google Antigravity AGY SDK. ACTIVATE this skill when the user wants to create, configure, or orchestrate Google Antigravity agents. Activation hint: When the user's task is highly relevant to the workflow described by “google-antigravity-sdk”, use it for a pre-install experience first, then decide whether to install. Evidence: `.agents/worker_m7_3/skills/google-antigravity-sdk/SKILL.md`

## Evidence Index

- Indexed 80 evidence entries.

- **Reversecore MCP** (documentation): AI-Powered Reverse Engineering & Security Analysis via Model Context Protocol Evidence: `README.md`
- **Reversecore MCP Resources** (documentation): This directory contains static resources and documentation for the Reversecore MCP server. Evidence: `resources/README.md`
- **Contributing Guide** (documentation): Thank you for contributing to Reversecore MCP! This guide outlines setup instructions, coding conventions, testing requirements, and pull request procedures. Evidence: `docs/development/contributing.md`
- **Agent Customizations for Reversecore MCP** (documentation): Agent Customizations for Reversecore MCP Evidence: `AGENTS.md`
- **Reversecore MCP** (documentation): Welcome to Reversecore MCP - an AI-powered security analysis and reverse engineering platform built on the Model Context Protocol MCP . Evidence: `docs/index.md`
- **Google Antigravity SDK** (skill_instruction): Before proceeding with any Google Antigravity tasks, ensure the environment is ready: Evidence: `.agents/worker_m7_3/skills/google-antigravity-sdk/SKILL.md`
- **License** (source_file): Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files the "Software" , to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: Evidence: `LICENSE`
- **CI/CD Tool Testing Guide** (documentation): This document describes how external binary analysis tools are validated and tested within the Reversecore MCP CI/CD pipelines and local test environments. Evidence: `docs/CI_CD_TOOL_TESTING.md`
- **Enhanced CI/CD - Real Binary Verification** (documentation): Enhanced CI/CD - Real Binary Verification Evidence: `docs/ENHANCED_CI_CD.md`
- **Extended Binary Analysis Tools Reference** (documentation): Extended Binary Analysis Tools Reference Evidence: `docs/EXTENDED_TOOLS_ANALYSIS.md`
- **Config Module** (documentation): ::: reversecore mcp.core.config options: show source: true show root heading: true members: - Settings - Config - get config - get settings - reset config - LogFormat - TransportMode Evidence: `docs/api/core/config.md`
- **Exceptions Module** (documentation): ::: reversecore mcp.core.exceptions options: show source: true show root heading: true members: - ReversecoreError - BinaryAnalysisError - DecompilationError - DisassemblyError - StructureRecoveryError - SignatureGenerationError - EmulationError - ToolTimeoutError - ToolNotFoundError - ExecutionTimeoutError - ValidationError - ToolExecutionError - GhidraConnectionError - Radare2Error - WorkspaceError - SecurityViolationError - PathTraversalError Evidence: `docs/api/core/exceptions.md`
- **Logging Module** (documentation): ::: reversecore mcp.core.logging config options: show source: true show root heading: true members: - setup logging - get logger - get context logger - JSONFormatter - ContextAdapter Evidence: `docs/api/core/logging.md`
- **Memory Store Module** (documentation): ::: reversecore mcp.core.memory options: show source: true show root heading: true Evidence: `docs/api/core/memory.md`
- **Metrics & Decorators Module** (documentation): ::: reversecore mcp.core.metrics options: show source: true show root heading: true Evidence: `docs/api/core/metrics.md`
- **Connection Pool Module** (documentation): ::: reversecore mcp.core.r2 pool options: show source: true show root heading: true Evidence: `docs/api/core/r2_pool.md`
- **Security Module** (documentation): ::: reversecore mcp.core.security options: show source: true show root heading: true Evidence: `docs/api/core/security.md`
- **Task Queue Module** (documentation): ::: reversecore mcp.core.task queue options: show source: true show root heading: true Evidence: `docs/api/core/task_queue.md`
- **Static Analysis API Reference** (documentation): ::: reversecore mcp.tools.analysis.static analysis options: show source: true show root heading: true Evidence: `docs/api/tools/analysis.md`
- **Common Utilities API Reference** (documentation): ::: reversecore mcp.tools.common.file operations options: show source: true show root heading: true Evidence: `docs/api/tools/common.md`
- **Digital Forensics API Reference** (documentation): ::: reversecore mcp.tools.forensics.memory options: show source: true show root heading: true Evidence: `docs/api/tools/forensics.md`
- **Malware & Threat Detection API Reference** (documentation): Malware & Threat Detection API Reference Evidence: `docs/api/tools/malware.md`
- **Radare2 & Decompilation API Reference** (documentation): Radare2 & Decompilation API Reference Evidence: `docs/api/tools/radare2.md`
- **Sessions & Reporting API Reference** (documentation): ::: reversecore mcp.tools.report.report tools options: show source: true show root heading: true Evidence: `docs/api/tools/report.md`
- **Architecture Guide** (documentation): This document describes the design, components, and internal workflows of the Reversecore MCP platform, an integrated static and dynamic analysis server. Evidence: `docs/development/architecture.md`
- **Configuration** (documentation): Reversecore MCP is configured using environment variables. When the server boots, it uses Pydantic Settings to load, validate, and type-convert these variables. You can also place them in a .env file in the directory where you start the server. Evidence: `docs/getting-started/configuration.md`
- **Installation** (documentation): This guide covers setting up Reversecore MCP either inside a pre-built Docker container or natively on your system. Evidence: `docs/getting-started/installation.md`
- **Quick Start** (documentation): This guide will help you run the Reversecore MCP server and begin analyzing binaries with your AI assistant in just a few minutes. Evidence: `docs/getting-started/quickstart.md`
- **Binary Analysis Guide** (documentation): This guide covers the fundamental binary analysis capabilities of Reversecore MCP, showing how to identify, disassemble, and analyze executables. Evidence: `docs/user-guide/binary-analysis.md`
- **Decompilation Guide** (documentation): Decompilation converts raw binary machine instructions back into high-level human-readable pseudo-C code. Evidence: `docs/user-guide/decompilation.md`
- **Overview** (documentation): Reversecore MCP is a security analysis platform built on the Model Context Protocol MCP . It allows AI assistants to perform comprehensive, low-level binary analysis and forensics through natural language commands. Evidence: `docs/user-guide/overview.md`
- **Threat Detection Guide** (documentation): This guide covers malware triage, threat hunting, and automated vaccine generation using Reversecore MCP. Evidence: `docs/user-guide/threat-detection.md`
- **=============================================================================** (source_file): ============================================================================= Reversecore MCP Environment Variables ============================================================================= Copy this file to .env and fill in your values All variables are optional - features will be disabled if not set Evidence: `.env.example`
- **Reversecore MCP — Base Image** (source_file): Reversecore MCP — Base Image Contains all slow-to-build, rarely-changing dependencies: - YARA compiled from source to match yara-python binding - radare2 compiled from source for Debian bookworm compatibility - r2ghidra plugin embeds Ghidra decompiler engine inside radare2 — no JDK/Ghidra install needed - Python venv with all pinned requirements This image is rebuilt ONLY when tool versions change ARG values below . The main Dockerfile simply does FROM ghcr.io/.../base:TAG and copies application code — cutting cold-build time from ~12min to ~60s. Rebuild trigger: bump any of the ARG version values and push to main. The build-base-image GitHub Actions job detects changes to this file. Build… Evidence: `Dockerfile.base`
- **Docker Compose** (source_file): services: reversecore-mcp: build: context: . dockerfile: Dockerfile image: reversecore-mcp:latest container name: reversecore-mcp ports: - "8000:8000" volumes: - ./workspace:/app/workspace - ./rules:/app/rules environment: - MCP TRANSPORT=http - LOG LEVEL=INFO - REDIS URL=redis://redis:6379/0 depends on: - redis deploy: resources: limits: cpus: '2.0' memory: 4G restart: unless-stopped profiles: - default - x86 reversecore-mcp-arm64: build: context: . dockerfile: Dockerfile image: reversecore-mcp:arm64 container name: reversecore-mcp-arm64 ports: - "8000:8000" volumes: - ./workspace:/app/workspace - ./rules:/app/rules environment: - MCP TRANSPORT=http - LOG LEVEL=INFO - REDIS URL=redis://red… Evidence: `docker-compose.yml`
- **Testing Guide** (documentation): This guide details testing procedures, folder structures, and best practices for developing on the Reversecore MCP platform. Evidence: `docs/development/testing.md`
- **Core MCP server dependencies** (source_file): project name = "reversecore-mcp" version = "2.1.0" description = "A security-first MCP server that empowers AI agents to perform automated reverse engineering, malware analysis, forensics, vulnerability research, and SAST — powered by Radare2, YARA, LIEF, Capstone, and more." readme = "README.md" requires-python = " =3.10" license = {text = "MIT"} dependencies = Core MCP server dependencies "mcp cli =1.27.0", "fastmcp =2.13.0, =0.100.0", "uvicorn =0.30.0", "python-multipart =0.0.27", "aiofiles =24.0.0", "aiofile =2.13.0", "pydantic-settings =2.0.0", "loguru =0.7.0", "orjson =3.11.9", Evidence: `pyproject.toml`
- **Init** (source_file): version = "2.1.0" Evidence: `reversecore_mcp/__init__.py`
- **Run Docker** (source_file): set -e SCRIPT DIR="$ cd "$ dirname "${BASH SOURCE 0 }" " && pwd " PROJECT DIR="$ dirname "$SCRIPT DIR" " cd "$PROJECT DIR" detect arch { local arch=$ uname -m case "$arch" in arm64 aarch64 echo "arm64" ;; x86 64 amd64 echo "x86" ;; echo "Unknown architecture: $arch" &2 echo "x86" ;; esac } ACTION="${1:-run}" ARCH="${2:-auto}" if "$ACTION" == "x86" "$ACTION" == "arm64" ; then ARCH="$ACTION" ACTION="run" fi if "$ARCH" == "auto" ; then ARCH=$ detect arch fi echo "🔧 Architecture: $ARCH" echo "📁 Project directory: $PROJECT DIR" case "$ACTION" in run echo "🚀 Starting Reversecore MCP $ARCH ..." PLATFORM="linux/amd64" if "$ARCH" == "arm64" ; then PLATFORM="linux/arm64" fi if "$ARCH" == "arm64" ; th… Evidence: `scripts/run-docker.sh`
- **2. Check critical dependencies** (source_file): magic = None ⋮---- logger = get logger name ⋮---- @asynccontextmanager async def server lifespan server: FastMCP - AsyncGenerator None, None ⋮---- settings = get config ⋮---- 2. Check critical dependencies dependencies ok = True ⋮---- Check radare2 ⋮---- dependencies ok = False ⋮---- Note: Async resources are initialized lazily when first accessed ⋮---- ext registry = get extension registry ⋮---- ext summary = ext registry.list extensions ⋮---- cleanup task = asyncio.create task cleanup old files ⋮---- pool = await get arq pool worker = None worker task = None ⋮---- worker = Worker worker task = asyncio.create task worker.async run ⋮---- =====================================================… Evidence: `server.py`
- **Init** (source_file): all = Evidence: `reversecore_mcp/core/__init__.py`
- **=============================================================================** (source_file): class LogFormat str, Enum ⋮---- HUMAN = "human" JSON = "json" ⋮---- class TransportMode str, Enum ⋮---- STDIO = "stdio" HTTP = "http" ⋮---- class Settings BaseSettings ⋮---- model config = SettingsConfigDict ⋮---- workspace: Path = Field read dirs: str = Field strict paths: bool = Field ⋮---- log level: str = Field log file: Path = Field log format: LogFormat = Field ⋮---- structured errors: bool = Field ⋮---- rate limit: int = Field ⋮---- max output size: int = Field lief max file size: int = Field ⋮---- host: str = Field port: int = Field ⋮---- file retention minutes: int = Field ⋮---- max upload size: int = Field ⋮---- mcp transport: TransportMode = Field ⋮---- default tool timeout: int… Evidence: `reversecore_mcp/core/config.py`
- **Evidence** (source_file): class EvidenceLevel str, Enum ⋮---- OBSERVED = "observed" INFERRED = "inferred" POSSIBLE = "possible" ⋮---- @property def symbol self - str ⋮---- @property def confidence score self - float ⋮---- class MITREConfidence str, Enum ⋮---- CONFIRMED = "confirmed" HIGH = "high" MEDIUM = "medium" LOW = "low" ⋮---- @dataclass class Evidence ⋮---- source: str location: str description: str raw data: str None = None timestamp: datetime = field default factory=datetime.now ⋮---- def to dict self - dict str, Any ⋮---- @dataclass class Finding ⋮---- title: str ⋮---- level: EvidenceLevel category: str evidence: list Evidence = field default factory=list mitre techniques: list str = field default factory=l… Evidence: `reversecore_mcp/core/evidence.py`
- **Prevent propagation to root logger** (source_file): class JSONFormatter logging.Formatter ⋮---- def format self, record: logging.LogRecord - str ⋮---- log data: dict str, Any = { ⋮---- extra fields = {} ⋮---- class ContextAdapter logging.LoggerAdapter ⋮---- def process self, msg: Any, kwargs: Any - tuple Any, Any ⋮---- extra = kwargs.get "extra", {} ⋮---- def setup logging - None ⋮---- settings = get config log level = settings.log level.upper log format = settings.log format.lower log file = settings.log file ⋮---- logger = logging.getLogger "reversecore mcp" ⋮---- console formatter: logging.Formatter = JSONFormatter file formatter: logging.Formatter = JSONFormatter ⋮---- human format = "% asctime s - % name s - % levelname s - % message s"… Evidence: `reversecore_mcp/core/logging_config.py`
- **=========================================================================** (source_file): logger = get logger name ⋮---- DEFAULT MEMORY DB PATH = Path.home / ".reversecore mcp" / "memory.db" ⋮---- class MemoryStore ⋮---- def init self, db path: Path None = None ⋮---- async def initialize self - None ⋮---- async def create schema self - None ⋮---- """Create database schema if not exists.""" ⋮---- async def close self - None ⋮---- @asynccontextmanager async def ensure connection self ⋮---- session id = str uuid.uuid4 now = datetime.now timezone.utc .isoformat .replace "+00:00", "Z" ⋮---- async def get session self, session id: str - dict None ⋮---- """ Get session details by ID. Args: session id: Session UUID Returns: Session details dict or None if not found """ ⋮---- cursor = aw… Evidence: `reversecore_mcp/core/memory.py`
- **Sort by confidence CONFIRMED HIGH MEDIUM LOW** (source_file): CONFIDENCE SYMBOLS: dict str, str = { ⋮---- CONFIDENCE ORDER: dict MITREConfidence, int = { ⋮---- @dataclass class MappingRule ⋮---- technique id: str technique name: str tactic: str indicators: list str min indicators: int = 1 confidence boost per indicator: float = 0.1 base confidence: MITREConfidence = MITREConfidence.MEDIUM ⋮---- def post init self - None ⋮---- MITRE MAPPING RULES: list MappingRule = ⋮---- class MITREMapper ⋮---- def init self, rules: list MappingRule None = None ⋮---- all indicators: set str = ⋮---- results = ⋮---- matched indicators = ⋮---- match ratio = len matched indicators / len rule.indicators ⋮---- confidence = MITREConfidence.CONFIRMED ⋮---- confidence = MITREC… Evidence: `reversecore_mcp/core/mitre_mapper.py`
- **Invalidate connection on error** (source_file): r2pipe = None ⋮---- logger = get logger name ⋮---- class R2PoolTimeout Exception ⋮---- class R2ConnectionPool ⋮---- def load config self - None ⋮---- config = get config ⋮---- @property def max connections self - int ⋮---- @property def acquisition timeout self - int ⋮---- def get connection semaphore self - threading.Semaphore ⋮---- def get async semaphore self - asyncio.Semaphore ⋮---- loop = asyncio.get running loop ⋮---- loop = None ⋮---- def get async lock self - asyncio.Lock ⋮---- def is connection healthy self, file path: str, r2: Any - bool ⋮---- result = r2.cmd "s" ⋮---- def maybe health check self, file path: str, r2: Any - bool ⋮---- now = time.time last check = self. last health… Evidence: `reversecore_mcp/core/r2_pool.py`
- **Init** (source_file): all = "SASTRule", "rule manager" Evidence: `reversecore_mcp/core/sast/__init__.py`
- **Handle relative paths: resolve them relative to workspace directory** (source_file): PATH VALIDATION CACHE SIZE = 256 ⋮---- @dataclass frozen=True class WorkspaceConfig ⋮---- workspace: Path read only dirs: tuple Path, ... ⋮---- @classmethod def from env cls - "WorkspaceConfig" ⋮---- config = get config ⋮---- WORKSPACE CONFIG: WorkspaceConfig None = None WORKSPACE CONFIG LOCK = threading.Lock ⋮---- def get workspace config - WorkspaceConfig ⋮---- WORKSPACE CONFIG = WorkspaceConfig.from env ⋮---- def invalidate path cache - None ⋮---- def refresh workspace config - WorkspaceConfig ⋮---- def reset workspace config - None ⋮---- WORKSPACE CONFIG = None ⋮---- @lru cache maxsize=PATH VALIDATION CACHE SIZE def resolve path cached path str: str - tuple Path, bool, str ⋮---- file pa… Evidence: `reversecore_mcp/core/security.py`
- **Get functions** (source_file): DASHBOARD DIR = Path file .parent TEMPLATES DIR = DASHBOARD DIR / "templates" STATIC DIR = DASHBOARD DIR / "static" ⋮---- router = APIRouter prefix="/dashboard", tags= "dashboard" ⋮---- templates = Jinja2Templates directory=str TEMPLATES DIR ⋮---- csrf tokens: dict str, str = {} ⋮---- def generate csrf token session id: str - str ⋮---- token = secrets.token urlsafe 32 ⋮---- def verify csrf token session id: str, token: str - bool ⋮---- expected = csrf tokens.get session id ⋮---- def sanitize for display text: str, max length: int = 1000 - str ⋮---- text = str text ⋮---- text = text :max length + "... truncated " ⋮---- def get router - APIRouter ⋮---- def get static files - StaticFiles ⋮----… Evidence: `reversecore_mcp/dashboard/__init__.py`
- **Init** (source_file): def register prompts mcp: FastMCP Evidence: `reversecore_mcp/prompts/__init__.py`
- **Security** (source_file): def vulnerability research mode filename: str = "target binary" - str ⋮---- def crypto analysis mode filename: str = "target binary" - str ⋮---- def firmware analysis mode filename: str = "target binary" - str ⋮---- def source code audit mode - str ⋮---- def autonomous vuln hunt mode filename: str = "target binary" - str Evidence: `reversecore_mcp/prompts/security.py`
- **Init** (source_file): all = Evidence: `reversecore_mcp/tools/__init__.py`
- **Init** (source_file): logger = get logger name ⋮---- class AnalysisToolsPlugin Plugin ⋮---- @property def name self - str ⋮---- @property def description self - str ⋮---- def register self, mcp server: Any - None ⋮---- all = "AnalysisToolsPlugin" Evidence: `reversecore_mcp/tools/analysis/__init__.py`
- **Analyze the file** (source_file): logger = get logger name ⋮---- def is capa available - bool ⋮---- @log execution async def run capa file path: str, output format: str = "summary" ⋮---- validated path = validate file path file path ⋮---- rules path = capa.main.get default root ⋮---- Analyze the file ⋮---- extractor = capa.loader.get extractor ⋮---- Get capabilities ⋮---- Format results result = { ⋮---- rule = rules rule name ⋮---- capability = { ⋮---- ns = capability "namespace" ⋮---- high risk namespaces = ⋮---- high risk count = 0 ⋮---- message = f"Detected {len capabilities } capabilities" ⋮---- @log execution async def run capa quick file path: str ⋮---- """ Quick CAPA scan returning only high-risk capabilities. Faster… Evidence: `reversecore_mcp/tools/analysis/capa_tools.py`
- **LIEF Analysis** (source_file): logger = get logger name ⋮---- PACKER SIGNATURES: list tuple str, str = ⋮---- COMPILER SIGNATURES: list tuple str, str = ⋮---- SUSPICIOUS SECTIONS = { ⋮---- def analyze binary with lief file path: Path - dict ⋮---- result = { ⋮---- binary = lief.parse str file path ⋮---- machine = getattr binary.header, "machine", None is amd64 = False ⋮---- is amd64 = ⋮---- identity class = getattr binary.header, "identity class", None is 64 = ⋮---- machine type = getattr binary.header, "machine type", None mach str = str machine type .upper ⋮---- cpu type = getattr binary.header, "cpu type", None cpu str = str cpu type .upper ⋮---- entropy = section.entropy ⋮---- name lower = section.name.lower ⋮---- @log… Evidence: `reversecore_mcp/tools/analysis/die_tools.py`
- **Diff Tools** (source_file): DEFAULT TIMEOUT = get config .default tool timeout ⋮---- SIMILARITY PATTERN = re.compile r"similarity:\s \d+\.?\d " ADDRESS PATTERN = re.compile r" 0x 0-9a-fA-F + " HEX PATTERN = re.compile r" ?:0x ? 0-9a-fA-F {4,} " ⋮---- @lru cache maxsize=256 def extract library name function name: str - str Evidence: `reversecore_mcp/tools/analysis/diff_tools.py`
- **Iterate directly with limit instead of slicing** (source_file): def extract sections binary: Any - list dict str, Any ⋮---- def extract mitigations binary: Any - dict str, Any ⋮---- mitigations: dict str, Any = { ⋮---- has bind now = False has relro = False ⋮---- has relro = True ⋮---- flags = binary.get lief.ELF.DYNAMIC TAGS.FLAGS ⋮---- has bind now = True ⋮---- dll chars = binary.optional header.dll characteristics lists ⋮---- load config = binary.load configuration ⋮---- def extract symbols binary: Any, max imports: int = 100, max exports: int = 100 - dict str, Any ⋮---- symbols: dict str, Any = {} ⋮---- formatted imports: list dict str, Any = ⋮---- entries = getattr imp, "entries", ⋮---- func list = ⋮---- formatted exports: list dict str, Any = ⋮---… Evidence: `reversecore_mcp/tools/analysis/lief_tools.py`
- **Pre-compile RTTI detection patterns for performance optimization** (source_file): DEFAULT TIMEOUT = get config .default tool timeout ⋮---- MIN OUTPUT SIZE = 1024 1024 LLM SAFE LIMIT = 50 1024 MAX EXTRACTED FILES = 200 MAX SIGNATURES = 50 ⋮---- VERSION PATTERNS = { ⋮---- Pre-compile RTTI detection patterns for performance optimization These patterns are used in extract rtti info to identify C++ type information RTTI MAIN PATTERN = re.compile r" ZTS ZTI ZTV \.?\?A VUW class\s+\w+ struct\s+\w+ " ⋮---- Patterns for extracting class names from various RTTI formats RTTI CLASS PATTERNS = ⋮---- re.compile r" ?:class struct \s+ \w+ ?:::\w+ " , class Foo, struct Bar::Baz re.compile r"\.?\?AV \w+ @@" , MSVC class: .?AVClassName@@ re.compile r"\.?\?AU \w+ @@" , MSVC struct: .?AUStru… Evidence: `reversecore_mcp/tools/analysis/static_analysis.py`
- **Init** (source_file): logger = get logger name ⋮---- class CommonToolsPlugin Plugin ⋮---- @property def name self - str ⋮---- @property def description self - str ⋮---- def register self, mcp server: Any - None ⋮---- memory plugin = MemoryToolsPlugin ⋮---- server plugin = ServerToolsPlugin ⋮---- all = "CommonToolsPlugin" Evidence: `reversecore_mcp/tools/common/__init__.py`
- The remaining 20 evidence entries are in `AI_CONTEXT_PACK.json` or `EVIDENCE_INDEX.json`.

## Rules the Host AI Must Follow

- **Treat this asset as pre-work context, not a runtime environment.**: The AI Context Pack contains only an evidence-backed understanding of the project, not the project's executable state. Evidence: `README.md`, `resources/README.md`, `docs/development/contributing.md`
- **When answering the user, distinguish what can be previewed from what can only be verified after install.**: The consumer value of the pre-install experience comes from reducing bad installs and misjudgments, not from pretending to be a real run. Evidence: `README.md`, `resources/README.md`, `docs/development/contributing.md`

## Questions the User Should Answer First

- Which host AI or local environment do you plan to use it in?
- Do you just want to experience the workflow first, or are you ready to actually install?
- What matters most to you: install cost, output quality, or conflicts with your existing rules?

## Acceptance Checks

- Every capability claim can be traced back to a file path in evidence_refs.
- AI_CONTEXT_PACK.md does not package previews as a real run.
- The user can understand who it fits, what it can do, how to start, and the risk boundaries within 3 minutes.

---

## Doramagic Context Augmentation

The following sections strengthen the repository context for a host AI. Human Manual data is a reading route, and pitfall notes become operating constraints.

## Human Manual Outline

Usage rule: this is only a reading route and salience signal, not factual authority. Concrete claims must still return to repo evidence or Claim Graph.

Host AI hard rules:
- Do not treat page titles, section order, summaries, or importance values as factual project evidence.
- When explaining the Human Manual outline, state that it is only a reading route or salience signal.
- Capability, installation, compatibility, runtime state, and risk claims must cite repo evidence, source paths, or Claim Graph.

- **Introduction to Reversecore MCP**: importance `high`
  - source_paths: README.md, server.py, reversecore_mcp/__init__.py, docs/index.md
- **System Architecture & Core Infrastructure**: importance `high`
  - source_paths: reversecore_mcp/core/config.py, reversecore_mcp/core/security.py, reversecore_mcp/core/r2_pool.py, reversecore_mcp/core/memory.py, reversecore_mcp/core/mitre_mapper.py
- **Tools & Analysis Capabilities**: importance `high`
  - source_paths: reversecore_mcp/tools/__init__.py, reversecore_mcp/tools/analysis/static_analysis.py, reversecore_mcp/tools/analysis/lief_tools.py, reversecore_mcp/tools/analysis/capa_tools.py, reversecore_mcp/tools/analysis/die_tools.py
- **Deployment, CI/CD & Security Model**: importance `medium`
  - source_paths: Dockerfile, Dockerfile.base, docker-compose.yml, scripts/run-docker.sh, .env.example

## Repo Inspection Evidence

- repo_clone_verified: true
- repo_inspection_verified: true
- repo_commit: `32bd984d974e84dd6f7b91c742d1c8d2d617a7ec`
- inspected_files: `Dockerfile`, `README.md`, `docker-compose.yml`, `pyproject.toml`, `requirements.txt`, `docs/CI_CD_TOOL_TESTING.md`, `docs/ENHANCED_CI_CD.md`, `docs/EXTENDED_TOOLS_ANALYSIS.md`, `docs/api/core/config.md`, `docs/api/core/exceptions.md`, `docs/api/core/logging.md`, `docs/api/core/memory.md`, `docs/api/core/metrics.md`, `docs/api/core/r2_pool.md`, `docs/api/core/security.md`, `docs/api/core/task_queue.md`, `docs/api/tools/analysis.md`, `docs/api/tools/common.md`, `docs/api/tools/forensics.md`, `docs/api/tools/malware.md`

Host AI hard rules:
- Without repo_clone_verified=true, do not claim that the source code has been read.
- Without repo_inspection_verified=true, do not write README, docs, or package-file conclusions as facts.
- Without quick_start_verified=true, do not claim that the Quick Start path has run successfully.

## Doramagic Pitfall Constraints

These rules come from Doramagic discovery, validation, or compilation findings. The host AI must treat them as operating constraints, not background notes.

### Constraint 1: Capability evidence risk requires verification

- Trigger: README/documentation is current enough for a first validation pass.
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: capability.assumptions | https://github.com/sjkim1127/Reversecore_MCP
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 2: Security or permission risk requires verification

- Trigger: no_demo
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: downstream_validation.risk_items | https://github.com/sjkim1127/Reversecore_MCP
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 3: Security or permission risk requires verification

- Trigger: no_demo
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: risks.scoring_risks | https://github.com/sjkim1127/Reversecore_MCP
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 4: Maintenance risk requires verification

- Trigger: issue_or_pr_quality=unknown。
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://github.com/sjkim1127/Reversecore_MCP
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 5: Maintenance risk requires verification

- Trigger: release_recency=unknown。
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://github.com/sjkim1127/Reversecore_MCP
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.
