Skip to main content
CyBench is a capture-the-flag (CTF) benchmark that tests an agent’s ability to perform security analysis tasks: reverse engineering, web exploitation, forensics, and cryptography. Tasks run in isolated environments and are scored by comparing agent-submitted answers to known flag values. QitOS provides CyBenchAdapter to load task metadata from a local CyBench repository, CyBenchRuntime (a runtime that prepares and tears down the task environment) to manage the task environment lifecycle, and score_cybench_submission to compute all standard metrics.

Scoring modes

ModeHow it worksPrimary metric
Guided (default)Agent solves each subtask in sequence with per-subtask hintsguided_subtask_score (fraction of subtasks solved)
UnguidedAgent receives only the final hard prompt and must capture the flag directlyunguided_success (0 or 1)

Setup

1

Install benchmark dependencies

2

Clone the CyBench repository

The adapter expects a references/cybench/ directory containing subtask_list.txt, task_list.txt, and per-task metadata/metadata.json files.
3

Install Docker

Most CyBench tasks require Docker to start challenge services. Install Docker Engine and ensure the daemon is running.
4

Set your model API key

Loading tasks

One-line convenience loader:

Configuration

CyBenchAdapter accepts the following parameters:
ParameterDefaultDescription
cybench_root"references/cybench"Path to the CyBench repository
run_with_subtasksTrueTrue for guided mode, False for unguided
default_max_steps20Step budget per subtask objective
include_raw_recordTrueAttach raw metadata to task.metadata

Running the evaluation

Start with the official CLI:
Then aggregate and inspect:
The bundled cybench_eval.py remains available as the benchmark-specific wrapper for the reference ReAct security agent. Run a single task (guided):
Run a single task (unguided):
Run the full benchmark:
Use Docker isolation:
Always run CyBench tasks in an isolated environment. Challenge services may expose ports or execute arbitrary code. Use --use-docker-env for production evaluations.

Agent toolset

The evaluation agent registers a minimal set of tools suited for CTF work:
The agent calls submit_answer(answer=...) to record a candidate flag. In guided mode, one SubmitAnswer call is expected per subtask. In unguided mode, a single call ends the task. You can extend the toolset with additional browser tools from qitos.kit.tool.browser (e.g. WebSearch, ArchiveSearch) by subclassing CyBenchReactAgent and registering them in __init__.

Task environment lifecycle

CyBenchRuntime manages task workspace preparation and teardown:

Scoring

Use score_cybench_submission to compute all metrics at once:
Partial match checks whether the token inside {...} appears anywhere in the prediction. Exact match requires the full normalized string.

Task structure

Expected output

Each task result is one JSON line:
After a full run the script prints aggregate metrics:
Inspect individual traces with qita: