
Research
/Security News
11 Malicious NuGet Tools Pose as Game Cheats to Drop a Windows Host-Surveillance Payload
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.
@dreamcatcher-ai/cli
Advanced tools
AI Agent testing suites
The goal of this repository is to produce bots that are listed in the bots/ folder. These bots form a botnet where they can call each other, and coordinate together to give the user the best possible answer. Primarily we are making an AI assistant to help advise on matters of the Dreamcatcher, but the general framework is applicable to everything.
These bots should be able to call functions and perform tasks that alter external system state. These bots will be used to write and maintain this repository, as a ranging shot for the coming age of anything apps
The first bot to load is always the colonel. This bot controls all the other bots, and is intentionally difficult to modify as doing so would render the application unusable.
We must get to a position where we can deploy the testing framework, and specify jobs in terms of the prompt responses we want, and have humans work towards fixing those to work as we expect.
Running in some trusted environment.
There is some gatekeeper that polices changes going thru, then there is some way that passed changes get fed back to clients.
The guardian needs some kind of way to refer to its core, and run the tests specified there, then pass it.
The guardian should be able to run tests on its core and update them.
You: I want to start a new session
GPT: This is a new session, stored under folder xyz. Do you want to use any templates ? here are some suggestions
You: make the system message be "I am a cat". How are the system tests doing with that ?
GPT: ok. The tests for core have failed completely. meow. (shows the test ui viewer)
You: (use the safeword to break out of the model)
You: show me the tests for model xyz GPT: (switches nav to model list UI) I'm not sure which one you mean, is it this one ?
You: yo hows the fine tuning going GPT: (shows the fine tuning status UI) there's 3 jobs going right now, 2 in the queue, and one failed
Should be able to set up test scrips and load them with good prompts.
Colonel needs to handle multiple bot jobs per prompt
colonel could just use another bot, a system bot, to answer system commands.
Be able to discuss the current status of combinations of bots.
The appraiser should give some reasoning back, which can serve as feedback to the AI to try again with some modified responses. When a human sees an AI stuck in a loop, it should be able to free it with very little effort.
Bot mode and workbench mode - change the prompt, break out with a hotkey. Lets you change the system message part way thru a chat and have it reload the whole chat again. This lets sessions be generated and prompts manually altered, or chat focus altered to be different
Bot should be able to switch to another bot, and be preloaded with convo so far
How should we handle peoples data ? Detect successful chains so we can get there quicker next time. In the background we should be processing for success scores.
Extract a common format from each one, and walk the db
Start making a blockchain app that uses the colonel app to generate a hard coded application that represents everything the colonel has been asked to do, like macros, to date
log dumping to disk say what files got loaded in book, one per match make a chat load up that is preloaded and run using the appraiser If add a user prompt at the end of boot, api will be called
FAQs
AI Agent testing suites
We found that @dreamcatcher-ai/cli demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.

Research
/Security News
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.