**Show HN: I Built a Mitmproxy AI Agent Using 4000 Paid Security Disclosures**
As a security researcher, I've been exploring ways to leverage Large Language Models (LLMs) for automating tasks and enhancing my workflow. Recently, I built an AI agent using the mitmproxy framework, which has shown impressive results in identifying potential security vulnerabilities.
**Background:**
I've been using LLMs like Gemini CLI and Claude Code extensively for tasks such as downloading videos from social media or bypassing password protection on PDFs. These tools can execute code and run curl or grep to help with tedious parts of API auditing. However, I wondered if I could teach them to hack APIs and perform more advanced security checks.
**Teaching the LLM:**
I put the description and reproduction steps of 150 security bugs I'd found in my career into their system instructions (via files like GEMINI.md or CLAUDE.md). However, this made the system instructions too big for the LLM's comfort, causing latency issues and unnecessary cost. To address this, I opted to log everything to a log.txt file and ask the CLI tool to search that file with regex, grep, etc., for whatever it was looking for.
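As an added example (not the author's code), here is what that logging layer can look like: a mitmproxy addon that appends each proxied exchange to log.txt as one JSON line, with credential-bearing headers masked so they are not handed to the LLM. The file name, log path, header list and body cap are assumptions.

```python
# Added example: mitmproxy addon that appends each proxied request/response
# to log.txt (one JSON line per exchange) so a CLI LLM tool can grep it later.
# Run with: mitmdump -s log_addon.py   (file name and LOG_PATH are assumptions)
import json
import re
from datetime import datetime, timezone

LOG_PATH = "log.txt"   # the post only says "a log.txt file"; path is assumed
MAX_BODY = 2000        # cap body size so the log stays grep-friendly
# Headers whose values should not end up in a file that is fed to an LLM.
SENSITIVE = re.compile(r"^(authorization|cookie|set-cookie|x-api-key)$", re.I)


def redact_headers(headers):
    """Return a dict of headers with credential-bearing values masked.
    Duplicate header names collapse to the last value (good enough for grep)."""
    return {k: ("[REDACTED]" if SENSITIVE.match(k) else v) for k, v in headers}


def build_entry(method, url, req_headers, req_body, status, resp_headers, resp_body):
    """Build the dict that becomes one JSON log line for a request/response pair."""
    return {
        "ts": datetime.now(timezone.utc).isoformat(),
        "method": method,
        "url": url,
        "req_headers": redact_headers(req_headers),
        "req_body": req_body[:MAX_BODY],
        "status": status,
        "resp_headers": redact_headers(resp_headers),
        "resp_body": resp_body[:MAX_BODY],
    }


class TrafficLogger:
    """mitmproxy addon: response() is called once per completed HTTP exchange."""

    def response(self, flow):
        entry = build_entry(
            flow.request.method,
            flow.request.pretty_url,
            flow.request.headers.items(),
            flow.request.get_text(strict=False) or "",
            flow.response.status_code,
            flow.response.headers.items(),
            flow.response.get_text(strict=False) or "",
        )
        with open(LOG_PATH, "a", encoding="utf-8") as fh:
            fh.write(json.dumps(entry, ensure_ascii=False) + "\n")


addons = [TrafficLogger()]
```

Because every line is self-contained JSON, the CLI tool can grep for a URL pattern or status code and still get the full exchange on the matching line.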
**Improving the Scope:**
With the architecture finalized, I aimed to widen the tool's scope by incorporating a world-class security researcher's data. I utilized HackerOne's public disclosures, filtering for 4000 bugs that had bounty payments, using payment as a proxy for real impact. With this dataset, I modified all the commands' markdown files to include new learnings and ways to find issues.
**A Bug Found:**
I already found a low-hanging fruit in vercel.com's `/avatar?u=USERNAME` endpoint using the tool. It told me that they were using just `USERNAME` as the param, which I was able to exploit by trying the CEO's username from Twitter.
**Transitioning to an Agentic Tool:**
Commands like `/find-idor` let researchers control what to look for, but my goal of agentic behavior remained unfulfilled. I wanted the LLM to figure out the available commands and invoke them on its own. To achieve this, I employed three methods:
1. **Content matching:** The content of a Skill is exactly the same as the command.
2. **Using Skills:** The same markdown files can be used as Skills by placing them in the appropriate folder.
3. **Plain English invocation:** Asking the CLI tool in plain English to use particular skills or sets of skills.
**Disclaimer:**
Before using this tool on any domain, ensure you have permission to do so. This blog is meant to show a way to combine mitmproxy with existing LLM CLI tools and make them more intelligent using bug bounty reports.
**Code Repository:**
[Insert link to the code repository]