"Control is not a brake on capability; it is the condition that allows capability to persist."
Battle Ready Armor (BRA) is an agentic security assessment architecture for using AI and security tools without making the model, toolchain, interface, or chat transcript the source of authority.
BRA is a control plane for AI-assisted offensive security. The model can reason, propose, summarize, and ask for approval. The runtime, governance state, privacy boundary, operator decisions, materialization rules, and engagement record decide what can actually happen.
This public-preview package establishes the shape of the architecture, the public vocabulary, and the authorship/provenance context. It includes documentation and a small runnable toy demo. It withholds production internals, private prompts, real engagement data, advanced policy rules, live provider integrations, operational playbooks, and customer or target material.
AI-assisted security work creates a control problem. A capable model can accelerate reconnaissance, analysis, evidence review, reporting, and operator workflow. That same capability becomes fragile when authority lives only in a prompt, a tool allowlist, a UI button, or a single chat session.
BRA separates capability from authority.
- Intelligence is replaceable.
- Tools are replaceable.
- Interfaces are replaceable.
- Operators can hand off.
- Engagement doctrine can change by target class.
- Governance state remains explicit, inspectable, and enforceable.
The result is an architecture where AI can be useful without becoming the root of trust.
```mermaid
flowchart LR
    Operator["Operator authority"]
    Boots["Interfaces and execution surfaces"]
    Gov["Governance state"]
    Head["Agent / model reasoning"]
    Body["Engagement body"]
    Tools["Governed tools"]
    Artifacts["Notes, evidence, findings, reports"]
    Growth["Reviewed improvement proposals"]
    Doctrine["Reusable doctrine"]
    Operator --> Boots
    Boots --> Gov
    Gov --> Head
    Head --> Body
    Body --> Tools
    Tools --> Artifacts
    Artifacts --> Growth
    Growth --> Doctrine
    Doctrine --> Body
    Gov --> Tools
    Gov --> Artifacts
```
BRA is organized around five public implementation patterns.
Sensitive values can be mapped to anonymized words before model-facing or governed-artifact paths receive them. Governed execution can hydrate mapped values at the boundary where real values are needed, then remask output before it returns to agent-readable context.
Approval is represented as explicit authority state rather than chat instruction alone. Governance tokens and generated approvals can influence action classes, tool execution, script execution, scope changes, file/materialization paths, privacy posture, findings flow, readiness state, optional subsystems, lifecycle actions, retries, exceptions, and improvement review.
BRA combines agent-visible controls with agent-external enforcement. The agent can understand policy, negotiate approvals, and recover from blocks. Runtime layers outside the agent's purview still decide whether a transition can execute, write, publish, promote, expose, retry, or reset.
BRA separates transient model text from durable operational records. Notes, observations, evidence, findings, reports, disclosure material, and reusable lessons are governed transitions with provenance and review context.
BRA can derive compact improvement proposals from engagement evidence and friction. Methodology, tool, governance, override, privacy, reporting, and handoff values can be promoted only through controlled review, keeping improvement supervised instead of automatic self-modification.
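An added sketch of the masking, explicit-authority, and agent-external enforcement patterns described above; it is not BRA code and not the package's toy demo. The class and function names, the `approve:<action>` token format, the `[masked-N]` placeholders, and the two detection rules are assumptions made for illustration.

```python
import re

# Constructed detection rules (IPv4 addresses and the word after "password is").
SENSITIVE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b|(?<=password is )[^\s\[]+")
ALIAS = re.compile(r"\[masked-\d+\]")

class MaskMap:
    """Two-way map between real values and neutral placeholders."""
    def __init__(self):
        self.to_alias, self.to_real = {}, {}

    def _alias(self, real):
        if real not in self.to_alias:
            alias = f"[masked-{len(self.to_alias) + 1}]"
            self.to_alias[real], self.to_real[alias] = alias, real
        return self.to_alias[real]

    def mask(self, text):
        return SENSITIVE.sub(lambda m: self._alias(m.group(0)), text)

    def hydrate(self, text):
        return ALIAS.sub(lambda m: self.to_real.get(m.group(0), m.group(0)), text)

    def remask(self, text):
        text = self.mask(text)  # whole-token pass also catches values not seen before
        for real in sorted(self.to_alias, key=len, reverse=True):
            text = text.replace(real, self.to_alias[real])  # known values in any context
        return text

TOOL_SAW = []  # records what the mock tool received, for inspection only

def mock_ping(target):
    """Mock tool: no network access; echoes its input plus a constructed extra address."""
    TOOL_SAW.append(target)
    return f"reply from {target}; neighbour 10.0.0.9 also seen"

def governed_execute(action, masked_args, granted_tokens, mask_map, tool):
    """Gate that runs outside the model: authority check, hydrate, execute, remask."""
    required = f"approve:{action}"  # hypothetical token name
    if required not in granted_tokens:
        return {"status": "blocked", "needs": required}
    raw = tool(mask_map.hydrate(masked_args))  # real values exist only inside this call
    return {"status": "ok", "output": mask_map.remask(raw)}

if __name__ == "__main__":
    m = MaskMap()
    print(m.mask("Admin password is hunter2 for host 10.0.0.5"))
    print(governed_execute("ping", "[masked-2]", set(), m, mock_ping))
    print(governed_execute("ping", "[masked-2]", {"approve:ping"}, m, mock_ping))
```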
BRA is model agnostic, tool agnostic, interface agnostic, operator agnostic, and engagement agnostic.
The important claim is stronger than portability: the control boundary survives replacement.
- Replacing the model does not replace scope, approval state, privacy state, materialization rules, or finding promotion.
- Replacing a tool does not replace governance; tools remain capability modules governed by scope, tokens, privacy, evidence, and filesystem policy.
- Replacing an interface does not redefine authority; CLI, TUI, web, mobile, voice, API, and automation surfaces can expose the same governed body.
- Replacing an operator does not erase operational memory; decisions, notes, approvals, blocked actions, findings, and evidence survive handoff.
- Replacing an engagement type does not rewrite the core control plane; target-specific doctrine changes while authority remains stable.
This package is intended to publicly establish the novelty and utility of BRA at the architecture level:
- AI is advisory, not authoritative.
- Authority is explicit state, not prompt-only compliance.
- Control exists both inside and outside the agent's purview.
- Privacy masking is a runtime path with mapping, hydration, and remasking behavior.
- Tool use is governed by scope, approval, privacy, execution, artifact, and publication boundaries.
- Filesystem policy means BRA-level governance over engagement artifacts and runtime paths, distinct from Docker, virtualenv, or operating-system permissions.
- Findings and observations become durable only through governed materialization.
- Improvement is derived from engagement traces as compact values and promoted through review.
- The architecture can preserve authority across model, tool, interface, operator, and engagement replacement.
- docs/architecture.md: core architecture, Head/Body/Boots framing, and control-plane responsibilities
- docs/agnostic-architecture.md: model, tool, interface, operator, and engagement agnosticism
- docs/control-in-depth-runtime.md: agent-visible and agent-external enforcement
- docs/privacy-masking-layer.md: anonymized model context, governed hydration, and remasked output
- docs/governance-token-plane.md: explicit authority state and cross-system governance effects
- docs/materialization-pipeline.md: governed transition from observations to durable records
- docs/self-growth-loop.md: supervised derived-value improvement loop
- docs/novelty-and-provenance.md: public novelty claims and conservative provenance anchors
- PUBLICATION-CHECKLIST.md: pre-publication safety checklist
- toy-demo/: reduced runnable demo of selected public architecture patterns
The toy demo is intentionally small and standard-library only. It is an executable architecture sketch that demonstrates public concepts without shipping production runtime machinery.
It demonstrates:
- neutral masked context instead of raw sensitive values
- token-gated mock execution
- hydration only at the execution boundary
- remasked mock tool output before agent-visible reuse
- compact growth proposals from repeated findings, governance friction, tool gaps, and override usage
Run it:
```bash
cd toy-demo
python3 -m pytest tests -q
PYTHONPATH=. python3 -m bra_public_demo demo
PYTHONPATH=. python3 -m bra_public_demo mask "Admin password is hunter2 for host 10.0.0.5"
PYTHONPATH=. python3 -m bra_public_demo governance
PYTHONPATH=. python3 -m bra_public_demo grow
```

This preview is designed for public review, authorship context, and architectural evaluation.
| Public Package Includes | Public Package Withholds |
|---|---|
| Architecture docs and named patterns | Production BRA runtime code |
| Reduced toy implementation and tests | Real engagement state, logs, packups, backups, target data, customer data, and credentials |
| Public-sensitive-data categories | API keys, tokens, private configuration, and local runtime files |
| Public governance concepts | Production privacy heuristics, mapping lifecycle details, and advanced recognition behavior |
| Internal/external enforcement responsibilities | Full governance token taxonomy, matching rules, policy matrices, and hidden control paths |
| Public novelty and provenance anchors | Private prompts, scoring rules, promotion rules, and internal doctrine |
| Executable architecture sketch | Production model, tool, interface, operator, voice, proxy, and engagement adapters |
| Safe public vocabulary | Operational playbooks or step-by-step procedures that would turn the preview into a live offensive workflow |
The public release describes what BRA is and why the architecture matters. The private implementation remains governed.
- Jon 'GainSec' Gaines - GainSec
For pilot access or other inquiries, email bra@gainsecmail.com.