name: ImmunoOrg version: 2.0.0 description: An RL environment where an LLM agent learns to defend an organization from internal threats by strategically restructuring it, simulating a biological immune response. entry_point: immunoorg.environment:ImmunoOrgEnvironment category: Cybersecurity/Organizational-Management environment: type: openenv interface: reset/step/state tasks: - id: level1_single_attack description: Contain one moderate-severity incident with minimal downtime. - id: curriculum_levels_1_to_4 description: Multi-difficulty incident response curriculum with escalating complexity. action_space: format: json schema: type: object required: [action_type] properties: action_type: type: string enum: [tactical, strategic, diagnostic] tactical_action: type: string enum: [block_port, isolate_node, scan_logs, deploy_patch, quarantine_traffic, escalate_alert, restore_backup, rotate_credentials, enable_ids, snapshot_forensics, start_migration, deploy_honeypot] strategic_action: type: string enum: [merge_departments, create_shortcut_edge, update_approval_protocol, split_department, reassign_authority, add_cross_functional_team, reduce_bureaucracy, create_incident_channel, rewrite_policy, establish_devsecops] diagnostic_action: type: string enum: [query_belief_map, correlate_failure, check_executive_context, trace_attack_path, audit_permissions, measure_org_latency, identify_silo, timeline_reconstruct, vulnerability_scan] target: type: string secondary_target: type: string parameters: type: object reasoning: type: string observation_space: format: json fields: - current_phase - step_count - sim_time - threat_level - system_downtime - visible_nodes - detected_attacks - recent_logs - org_nodes - pending_approvals metrics: - time_to_containment - total_reward - org_efficiency - threats_contained_ratio tags: [LLM, RL, Cybersecurity, Org-Design, Self-Improvement]