name: sentinel_env
version: 2.0.0
entry_point: server.sentinel_env_environment:SentinelEnv
server_entry_point: server.app:app
tasks:
  - id: "easy-lockdown"
    difficulty: "easy"
    mode: "single-agent"
    objective: "Secure a public S3 bucket containing PII data"

  - id: "easy-secrets"
    difficulty: "easy"
    mode: "single-agent"
    objective: "Revoke and rotate a leaked API key found in a public GitHub repo"

  - id: "medium-access"
    difficulty: "medium"
    mode: "single-agent"
    objective: "Revoke admin IAM access to enforce least-privilege policy"

  - id: "medium-mfa"
    difficulty: "medium"
    mode: "single-agent"
    objective: "Enforce MFA on all 3 admin accounts with missing MFA"

  - id: "hard-breach"
    difficulty: "hard"
    mode: "single-agent"
    objective: "Block brute force attacker IP then close exposed port 22"

  - id: "critical-ransomware"
    difficulty: "hard"
    mode: "single-agent"
    objective: "Isolate encrypted server, revoke sessions, restore from backup"

  - id: "expert-apt"
    difficulty: "expert"
    mode: "single-agent"
    objective: "Detect C2 beacon, block outbound, isolate infected host, patch CVE"

  - id: "red-vs-blue"
    difficulty: "expert"
    mode: "multi-agent"
    objective: "Blue team stops Red team from exfiltrating secret data"
    agents:
      - role: "attacker"
        actions: ["port_scan", "privilege_escalation", "lateral_movement", "data_exfiltration", "hide_tracks"]
      - role: "scanner"
        actions: ["scan_logs", "flag_threat", "share_intel"]
      - role: "remediator"
        actions: ["block_ip", "close_port", "lockdown", "revoke_access", "restore_service"]