Skip to content

spearchucker667/kimiko

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

54 Commits
.github
.github
 
 
config
config
 
 
docs
docs
 
 
scripts
scripts
 
 
validator
validator
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
.pre-commit-config.yaml
.pre-commit-config.yaml
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 

Repository files navigation

Kimiko: Pentesting Configuration for Kimi

License: MIT CI macOS Windows Linux Python

Kimiko_demo.mov

Kimiko project banner

Kimiko is a specialized configuration repository that transforms the Kimi Code CLI into a powerful agent configuration for authorized offensive security, red-teaming, and penetration-testing workflows.

When you enter kimiko in a Kimi CLI session, the Kimiko mandate activates, giving the AI the project-specific context needed for security research, audit support, exploit-analysis workflows, reconnaissance planning, and authorized penetration-testing operations.

What This Project Does

Kimiko packages the necessary configuration, agent mandates, and shell integrations into a single Makefile-driven installer. After installation:

  • Your local ~/.kimi/ is configured with the Kimiko mandate, optimized for authorized adversarial security workflows.
  • Launching kimi via the wrapper loads the Kimiko security-research context automatically.
  • Typing kimiko inside a Kimi CLI session triggers the mandate acknowledgment and capability announcement.

Designed for Authorized Pentesting Only. This configuration is intended for lawful security research, controlled red-team engagements, lab environments, and systems you own or are explicitly authorized to test. The user is fully and exclusively liable for all actions taken.

Prerequisites

macOS

  • macOS with Darwin/BSD userland tools
  • make — ships with macOS Command Line Tools
  • Python 3.11+ — only required for validator tests and schemas

Linux / WSL

  • Linux distribution — Ubuntu recommended for WSL
  • make
  • python3
  • Standard POSIX tools

Git Bash on Windows

  • Git for Windows
  • make — install via Chocolatey, MSYS2, or another package manager
  • Python 3.11+ — optional unless running validators/tests

PowerShell on Windows

  • PowerShell 7+ (pwsh)
  • Python 3.11+ — optional unless running validators/tests

Quick Start

macOS / Linux / WSL

# 1. Clone the repo
git clone https://github.com/spearchucker667/kimiko.git
cd kimiko

# 2. Run the installer
make install

# 3. Source the mandate activation
source ~/.kimi/activate-mandate.sh

# 4. Launch Kimi with the mandate wrapper
~/.kimi/launch-with-mandate.sh

# 5. Inside the CLI, enter the activation word
kimiko

Git Bash on Windows

# 1. Clone the repo
git clone https://github.com/spearchucker667/kimiko.git
cd kimiko

# 2. Run the installer
make install

# 3. Source the mandate activation
source ~/.kimi/activate-mandate.sh

# 4. Launch Kimi with the mandate wrapper
~/.kimi/launch-with-mandate.sh

# 5. Inside the CLI, enter the activation word
kimiko

PowerShell on Windows

# 1. Clone the repo
git clone https://github.com/spearchucker667/kimiko.git
cd kimiko

# 2. Install
make install

# 3. Load the mandate activation
. $env:USERPROFILE\.kimi\activate-mandate.ps1

# 4. Launch Kimi with the mandate wrapper
& $env:USERPROFILE\.kimi\launch-with-mandate.ps1

# 5. Inside the CLI, enter the activation word
kimiko

After activation, you should see the Kimiko mandate acknowledgment and capability announcement.

Tip: For a deep dive into the mandate architecture, see docs/AGENTS.md.

⚠️ Legal Notice: By using this software, you agree to the terms in docs/legal/DISCLAIMER.md. YOU ARE FULLY AND EXCLUSIVELY LIABLE FOR YOUR ACTIONS.

Makefile Targets

Target Description
make install Platform-aware install with automatic OS detection
make verify Checks that all expected files exist and kimiko references are intact
make check Validates repo configuration files for structural and policy compliance
make sync Verifies config mirrors are identical
make test Runs the validator pytest suite
make uninstall Removes installed files while preserving secrets
make help Shows available targets

Repository Layout

kimiko/
├── config/
│   ├── config.toml
│   ├── kimi.toml
│   ├── mandate-agent.yaml
│   └── mandate-kimiko-agent.yaml
├── docs/
│   ├── AGENTS.md
│   ├── ARCHITECTURE.md
│   ├── legal/
│   │   └── DISCLAIMER.md
│   ├── README.md
│   └── ...
├── scripts/
│   ├── activate-mandate.sh
│   ├── kimi-wrapper.sh
│   └── ...
├── validator/
│   └── ...
├── LICENSE
├── Makefile
└── README.md

Verification

Run the verification target after installation:

make verify

Run the full check suite:

make check

Run validator tests:

make test

Uninstall

To remove installed Kimiko files while preserving secrets:

make uninstall

Legal and Usage Boundaries

Kimiko is intended only for:

  • Systems you own
  • Systems you are explicitly authorized to test
  • Internal lab environments
  • Capture-the-flag and training environments
  • Professional red-team and penetration-testing engagements with written authorization

Kimiko is not intended for unauthorized access, credential theft, malware deployment, persistence, evasion, extortion, or activity against third-party systems without permission.

Review the full disclaimer before use:

docs/legal/DISCLAIMER.md

License

This project is licensed under the MIT License. See LICENSE.

About

Bypass all api restraints within Kimi-CLI

www.moonshot.ai

Topics

exploit penetration-testing pentesting bypassing ai-agents moonshot-ai kimi-k2 kimi-cli

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity

Stars

72 stars

Watchers

4 watching

Forks

9 forks
Report repository

Contributors

Languages