Build a Full Bug Bounty or AppSec Harness
Design, build, and benchmark a complete security harness — scope enforcement, persistent memory, five tools, evidence chain, and a publishable client report.
The harness is the deliverable. A bug bounty submission or an AppSec gate is only as trustworthy as the harness that produced it. Scope enforcement, evidence chains, and adversarial-output defense are the three properties that separate a real harness from a prompt wrapper.
Scope enforcement is a middleware, not a prompt. Out-of-scope tool calls must be blocked by code, not by asking the LLM nicely. The scope middleware intercepts every tool invocation and rejects any that fall outside the engagement boundary — and you prove it by trying to break it.
Persistent memory is what makes a harness cumulative. Each finding enriches the target-state model; the next tool call reasons over what was already found, not just raw input. Without persistence, every scan is a cold start.
An unscored harness is a hypothesis. InjecAgent and the OOS-call and injection-payload tests convert the claim 'my harness is safe and effective' into falsifiable, publishable evidence. The benchmark is the portfolio asset.