shyhurricane

by double16

Overview

An MCP server designed to assist AI agents in offensive security testing, focusing on efficient enumeration, content indexing, and tool orchestration for vulnerability discovery and exploitation.

Installation

Run Command
docker compose up -d

Environment Variables

  • OLLAMA_MODEL
  • OLLAMA_HOST
  • GEMINI_API_KEY
  • GEMINI_MODEL
  • OPENAI_MODEL
  • OPENAI_API_KEY
  • BEDROCK_MODEL
  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • LOW_POWER
  • OPEN_WORLD
  • ASSISTANT_TOOLS
  • WEBHOOK_API_KEY
  • INTERACT_SERVER
  • INTERACT_TOKEN
  • QDRANT
  • TOOL_CACHE
  • PYTORCH_ENABLE_MPS_FALLBACK
  • ANONYMIZED_TELEMETRY
  • HAYSTACK_TELEMETRY_ENABLED
  • HAYSTACK_TELEMETRY_DISABLED
  • TRANSFORMERS_NO_ADVISORY_WARNINGS
  • HF_HUB_DISABLE_PROGRESS_BARS
  • MKL_NUM_THREADS
  • DISABLE_ELICITATION
  • DOCKER_HOST

Security Notes

This project is explicitly designed for offensive security testing, which inherently involves high-risk operations. The primary security concern is the `run_unix_command` tool, which allows the AI agent to execute arbitrary Linux/macOS commands on the host (or within a Docker container that has network access, including privileged operations like mounting volumes and building images). Several other tools (e.g., `port_scan`, `spider_website`, `directory_buster`, `web_search`, and the `oast` capabilities) also interact with external targets in potentially intrusive ways.

By default, `DISABLE_ELICITATION` is set to `True` in `docker-compose.dev.yml`, meaning dangerous actions might proceed without explicit user confirmation. The `unix_command` Docker image bundles numerous offensive security tools, and its `entrypoint.sh` persists `/tmp` and `/var/tmp` across invocations, which could leak sensitive data between different tool runs. HTTP request and response bodies are logged, and these may contain sensitive data.

Given the project's purpose, these features are intended, but for a general user, running this server poses a significant risk of unintended system compromise or unauthorized network activity.

Stats

Interest Score: 33
Security Score: 3
Cost Class: Medium
Avg Tokens: 10000
Stars: 3
Forks: 1
Last Update: 2026-01-16

Tags

Offensive Security, AI Agent, LLM Orchestration, Penetration Testing, Vulnerability Research