Skip to content

[WIP] Build RootAI like a model airplane kit#2

Merged
tattoosonmyskin merged 1 commit into
mainfrom
copilot/build-rootai-kit-v1
Jan 11, 2026
Merged

[WIP] Build RootAI like a model airplane kit#2
tattoosonmyskin merged 1 commit into
mainfrom
copilot/build-rootai-kit-v1

Conversation

Copilot AI commented Jan 11, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Build Kit v1 Implementation Plan

  • Step 1: Repository already cloned and ready
  • Step 2: Create EKG Base with ekg/fetch_cves.py for CVE fetching
  • Step 3: Create Prompt Deconstructor with ekg/deconstruct.py using transformers
  • Step 4: Create Reasoning Blueprint with blueprints/path_pruner.py
  • Step 5: Create Core Integrator with app/rootai.py that ties everything together
  • Step 6: Create Dockerfile for containerization
  • Step 7: Create CLI wrapper cli.py for command-line interface
  • Step 8: Create index.html for GitHub Pages UI
  • Step 9: Add test cases for validation
  • Step 10: Implement freemium tier limits
  • Step 11: Create Discord bot integration (optional)
  • Step 12: Documentation and final setup for launch
  • Create requirements.txt with all dependencies
  • Add .gitignore to exclude Python artifacts
  • Test the complete pipeline end-to-end
Original prompt

This section details on the original issue you should resolve

<issue_title>Build kit v1</issue_title>
<issue_description>Build RootAI like a model airplane kit: Follow these 12 numbered steps with exact "parts" (code/files) and check-offs. Hands-on, copy-paste, test-as-you-go—total ~4-6 hours on Kali/Starlink rig.

Parts List (Prep: 10min)

  • Laptop (Kali/Debian), Docker, Python 3.10+, Git.
  • Accounts: GitHub, Hugging Face (free), NVD API key (cve.mitre.org).
  • Folders: ~/rootai/{ekg, blueprints, app}.

Step-by-Step Build Guide

  1. Clone Repo
    git clone https://github.com/yourusername/rootai.git && cd rootai (or mkdir rootai && cd rootai). ✅

  2. EKG Base (Dual Grounding: 30min)
    Create ekg/fetch_cves.py:

    import requests
API_KEY = "your-nvd-key"
def fetch_cve(cwe_id):
    url = f"https://services.nvd.nist.gov/rest/json/cves/2.0?cweId={cwe_id}&apiKey={API_KEY}"
    return requests.get(url).json()

    Test: python ekg/fetch_cves.py → JSON output. ✅[1]

  3. Prompt Deconstructor (20min)
    ekg/deconstruct.py:

    from transformers import pipeline
deconstructor = pipeline("ner", model="dbmdz/bert-large-cased-finetuned-conll03-english")
def deconstruct(prompt):
    entities = deconstructor(prompt)
    return {"cwe": "841", "type": "IDOR"}  # Parse to CWE
print(deconstruct("time-warp session hijack"))

    Install: pip install transformers torch. Run/test. ✅

  4. Reasoning Blueprint (30min)
    blueprints/path_pruner.py:

    def prune_paths(entities):
    valid = ["exploit", "poc"]  # Constraint rules
    return [p for p in ["eval", "poc"] if p in valid]
print(prune_paths({"type": "IDOR"}))  # ['poc']

    Test invalid paths rejected. ✅

  5. Core Integrator (40min)
    app/rootai.py:

    from ekg.deconstruct import deconstruct
from ekg.fetch_cves import fetch_cve
from blueprints.path_pruner import prune_paths

def generate_poc(prompt):
    ents = deconstruct(prompt)
    cve_data = fetch_cve(ents["cwe"])
    paths = prune_paths(ents)
    return f"PoC for {prompt}: {cve_data['results']['cve']['descriptions']['value']}"

print(generate_poc("time-warp session hijack"))

    Run: Verified output <2s. ✅

  6. Dockerize (20min)
    Dockerfile:

    FROM python:3.10-slim
RUN pip install transformers torch requests
COPY . /app
CMD ["python", "app/rootai.py"]

    docker build -t rootai . && docker run rootai

  7. CLI Wrapper (15min)
    cli.py:

    import argparse
from app.rootai import generate_poc
parser = argparse.ArgumentParser()
parser.add_argument("prompt")
args = parser.parse_args()
print(generate_poc(args.prompt))

    ./cli.py "test prompt" works. ✅

  8. GitHub Pages UI (30min)
    index.html (basic Streamlit alt):

    <input id="prompt" placeholder="Enter vuln prompt">
<button onclick="run()">Generate PoC</button>
<pre id="output"></pre>
<script>
async function run() { /* Call /api via fetch */ }
</script>

    Host free GitHub Pages. ✅

  9. Test High-Risk Assumption (20min)
    Run CLI on 5 real prompts (e.g., your time-warp); check latency<2s, accuracy. ✅

  10. Freemium Tier (15min)
    Add if free: limit=3 queries/day in rootai.py. Stripe later. ✅

  11. Discord Bot (30min)
    bot.py with discord.py: /poc <prompt>. Deploy Replit free. ✅

  12. Launch & Iterate (Ongoing)
    Push GitHub, tweet OWASP, track stars/issues. MVP done! ✅

Fly it: docker run -it rootai → Generate first PoC. Tweak from feedback. Airplane built—now fly bounties.

Sources
[1] Security - Hugging Face https://huggingface.co/docs/hub/en/security
[2] root-ai-gemini.pdf https://ppl-ai-file-upload.s3.amazonaws.com/web/direct-files/attachments/104285389/0d70f332-4edf-4c15-84d9-80f863cc7d9c/root-ai-gemini.pdf
[3] rootAi-ds.odt https://ppl-ai-file-upload.s3.amazonaws.com/web/direct-files/attachments/104285389/a00d2512-9dda-4550-9620-2baa1a452e30/rootAi-ds.odt
[4] root-ai-diagram1.jpg https://ppl-ai-file-upload.s3.amazonaws.com/web/direct-files/attachments/images/104285389/e18fa924-8552-480e-932b-fb8dc8d2fc7f/root-ai-diagram1.jpg?AWSAccessKeyId=ASIA2F3EMEYE3DURKAJI&Signature=IOWTClC8%2BQMJ7tTyLSgNQGSrF40%3D&x-amz-security-token=IQoJb3JpZ2luX2VjEBgaCXVzLWVhc3QtMSJIMEYCIQCJjzxs08xkqwjxz7Zub2x3htg3tbvJ1w0BTrC9YbT5TAIhAK6LPnrc58jH2rEFM0MaqBUJF2lM7qTwfu%2FnF9IjVAhxKvwECOD%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEQARoMNjk5NzUzMzA5NzA1Igyfev0YBEyXeNNTUZ8q0ASd1OLxX%2BuI6hi0DVlHYX6h7mhLWsqt0Jbygm%2FdWyYLy26PdMMO%2B0ewAY3LQm0eP8gxEzNyrNNPJrnJn%2F8RVSDkVdXUrEcSw2odevFz%2Fg3yMUL6Mu2jXRe7cYyyk7b6K5GnNXK3T8w36u%2Fg90GG8MFvCJMMIvH0jMTIPD33LgIAbdjVVvyUmWhgWvvfgJbeKT%2FNPWGTgYRUOlzNXV1Tz1GCwYF%2B6R8EN07FJH6ziNTCulGKHYnChKq0s1PpI6BTdjoWxbuMtzXQpG9CPyiAyzAl1gKb6KXvA5W9ggkx%2B7nZlPwmEbqZ78NM1NQVgYlRf%2B3IeoBh0hgj1GH4yhZ%2BnTNY5%2B...

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Copilot AI reviewed Jan 11, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot wasn't able to review any files in this pull request.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@tattoosonmyskin tattoosonmyskin marked this pull request as ready for review January 11, 2026 23:51
Copilot AI reviewed Jan 11, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot wasn't able to review any files in this pull request.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@tattoosonmyskin tattoosonmyskin merged commit 063ab3d into main Jan 11, 2026
1 check failed
Copilot stopped work on behalf of tattoosonmyskin due to an error January 11, 2026 23:52
The session was cancelled by the user.
Copilot AI requested a review from tattoosonmyskin January 11, 2026 23:52
tattoosonmyskin
tattoosonmyskin reviewed Jan 11, 2026
View reviewed changes

@tattoosonmyskin tattoosonmyskin left a comment

Copy link
Copy Markdown
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Update added

@tattoosonmyskin tattoosonmyskin deleted the copilot/build-rootai-kit-v1 branch January 11, 2026 23:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tattoosonmyskin tattoosonmyskin tattoosonmyskin left review comments

Copilot code review Copilot Copilot left review comments

Assignees

@tattoosonmyskin tattoosonmyskin

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Build kit v1

3 participants

@tattoosonmyskin