Agent Decomposition — 3 Levels¶
Overview¶
The platform decomposes monolithic test skills into focused sub-agents at three levels.
3-Level Decomposition Architecture¶
graph TD
MONO["Monolithic Skill<br/>test-injection"]
L1["Level 1: Scope Decomposition<br/>/test-injection --scope sqli"]
L2A["SQLi Scope Agent<br/>Focus: SQL injection only"]
L2B["XSS Scope Agent<br/>Focus: Cross-site scripting"]
L3["Level 3: Endpoint Grouping<br/>if >12 endpoints"]
GROUP1["Group 1: /search, /filter<br/>10 endpoints"]
GROUP2["Group 2: /admin, /api<br/>15 endpoints"]
GROUP3["Group 3: /profile, /settings<br/>8 endpoints"]
MONO --> L1
L1 --> L2A
L1 --> L2B
L2A --> L3
L3 --> GROUP1
L3 --> GROUP2
L3 --> GROUP3
style MONO fill:#4a148c,color:#fff
style L1 fill:#6a1b9a,color:#fff
style L2A fill:#8e24aa,color:#fff
style L2B fill:#8e24aa,color:#fff
style L3 fill:#9c27b0,color:#fff
style GROUP1 fill:#ab47bc,color:#fff
style GROUP2 fill:#ab47bc,color:#fff
style GROUP3 fill:#ab47bc,color:#fffLevel 1: --scope (Original 4 Skills)¶
The original decomposition split 4 heavy skills into 13 scopes:
| Skill | Scopes |
|---|---|
| test-injection | sqli, xss, cmdi, ssti-xxe, misc |
| test-auth | jwt, oauth, session |
| test-client | csrf-cors, dom, misc |
| test-ssrf | core, vector |
Level 2: --scope (6 New Skills)¶
V3 Pragmatica adds scope routing to 6 additional monolithic skills:
| Skill | Scopes | Focus |
|---|---|---|
| test-access | idor |
Object reference enumeration |
authz |
Function-level access, privilege escalation | |
matrix |
Multi-user access matrix generation | |
| test-logic | business |
Price manipulation, financial logic |
race |
Atomicity violations, single-packet attack | |
upload |
File upload bypass techniques | |
| test-api | rest |
OWASP API Top 10, SOAP, tRPC |
graphql |
Introspection, query complexity, mutations | |
prototype |
Recursive merge exploitation | |
| test-advanced | hpp-crlf |
Parameter/header injection |
bypass |
Validation/filter bypass | |
mfa |
MFA bypass (20+ techniques) | |
host-method |
Host header, method override | |
| test-infra | smuggling |
HTTP request smuggling |
cache |
Cache poisoning/deception | |
| test-cloud | storage |
S3/GCS/Azure misconfig |
takeover |
Subdomain takeover | |
k8s-cicd |
K8s, Firebase, CI/CD escape |
Total: 10 skills, 31 sub-agents
Level 3: --endpoints Split¶
Automatic endpoint-level parallelism when a scope has many endpoints:
| Endpoint Count | Groups | Agents |
|---|---|---|
| 12 or fewer | 1 | Single agent (no split) |
| 13-24 | 2 | 2 parallel agents |
| 25-36 | 3 | 3 parallel agents |
| More than 36 | 3 | Capped at 3 (init overhead) |
Grouping strategy: Endpoints are grouped by resource prefix (all /users/* together, all /admin/* together) for coherent context.
The /route skill generates endpoint_groups in test-plan.json, and dispatch_scope_agents() in agent-dispatch.md reads these groups to split agents automatically.
Backward Compatibility¶
All skills work without --scope — they execute all sections. Scope routing is additive.