Capture-the-Flag (CTF) competitions serve as gateways into offensive cybersecurity, yet they often present steep barriers for novices due to complex toolchains and opaque workflows. Recently, agentic AI frameworks for cybersecurity promise to lower these barriers by automating and coordinating penetration testing tasks. However, their role in shaping novice learning remains underexplored. We present a human-centered, mixed-methods case study examining how agentic AI frameworks -- here Cybersecurity AI (CAI) -- mediate novice entry into CTF-based penetration testing. An undergraduate student without prior hacking experience attempted to approach performance benchmarks from a national cybersecurity challenge using CAI. Quantitative performance metrics were complemented by structured reflective analysis of learning progression and AI interaction patterns. Our thematic analysis suggests that agentic AI reduces initial entry barriers by providing overview, structure and guidance, thereby lowering the cognitive workload during early engagement. Quantitatively, the observed extensive exploration of strategies and low per-strategy execution time potentially facilitate cybersecurity training at the meta, i.e., strategic, level. At the same time, AI-assisted cybersecurity education introduces new challenges related to trust, dependency, and responsible use. We discuss implications for human-centered AI-supported cybersecurity education and outline open questions for future research.