vluggy-lite

This server carries significant security risks due to its architecture and intended purpose. The `vluggy-lite-http` service mounts the Docker daemon's socket (`/var/run/docker.sock`) from the host machine. If this service is compromised (e.g., via a flaw in the API, a dependency, or a sophisticated attack leveraging its arbitrary command execution capabilities), an attacker gains root access to the Docker host system. Furthermore, the `vluggy-lite-kali` container runs with elevated privileges (`NET_RAW`, `NET_ADMIN`, `seccomp:unconfined`), which are necessary for many hacking tools but increase the blast radius in case of container escape. The core functionality involves executing arbitrary commands (`exec_tool`, `plan_exec`) within the Kali container. While a denylist and (conditional) allowlist are present, the `VLUGGY_ALLOW_ALL` flag can dramatically expand the attack surface. Authentication relies solely on an API key via an `X-API-Key` header, making the system vulnerable if the key is leaked. The listener management functionality (`listener_start`, `listener_stop`) also allows for easy establishment of C2 channels or data exfiltration by an authenticated attacker.