Overview
PortShim is not an autonomous scanner โ it's an operator-in-the-loop pipeline. At the end of every phase, a structured gate review presents findings, metrics, and recommendations. The operator decides what happens next.
Gate Review Structure
Each gate presents:
- Phase summary โ What was scanned, what was found, how long it took
- Key findings โ Prioritised list with severity, confidence, and evidence
- Model performance โ Tokens processed, inference time, cost/time estimate
- Recommendation โ LLM-generated suggestion based on findings
- Decision prompt โ Four choices awaiting operator input
The Four Verdicts
- APPROVE โ Phase completed satisfactorily. Proceed to the next phase with current config.
- RERUN โ Something was missed or needs refinement. Re-run the current phase with adjusted parameters (different model, wider scope, more aggressive timing).
- MODIFY SCOPE โ The engagement context has changed. Add/remove targets, switch engagement profile, change LLM mode, or update credentials before continuing.
- ABORT โ Critical issue, scope violation, or engagement completion. Halt the pipeline. All findings are saved for reporting.
Gate 1 โ Topology Review
The most detailed gate. topology.py --gate1 produces complete host summaries from nmap XML โ never truncated, never abbreviated. The operator sees every discovered host with its classified role, open ports, and OS fingerprint before approving the target list for vulnerability analysis.
AI Agent Integration
Gate reviews are agent-friendly by design. When paired with Hermes Agent or another AI assistant, reviews become interactive conversations. The agent presents findings, answers questions about specific hosts or vulnerabilities, waits for your decision, and executes the chosen action. Common workflows:
- End-to-end: Bootstrap via deploy.py, hand off to the agent. It walks through the 6-phase pipeline, presenting at every gate.
- Report-driven: After assessment, the agent drafts executive summaries, populates checklists, and generates multi-format reports โ with operator approval at each step.
- Adversary simulation: The agent adapts stealth profiles mid-engagement, handles wireless scope changes, and maintains an auditable evidence trail.
Audit Trail
All gate decisions are logged with timestamp, operator identity, and the context that led to the decision. This produces a complete engagement record suitable for compliance, legal review, or after-action analysis.