Add environment configuration and code of conduct

- Introduced `.env.example` for environment variable setup, including LLM provider and API keys.
- Added `CODE_OF_CONDUCT.md` to establish community standards and expectations for project participation.
- Updated `CONTRIBUTING.md` to reflect new installation instructions using `make`.
- Created `SECURITY.md` to outline the security policy and reporting process.
- Enhanced `README.md` with clearer project descriptions and usage examples.
- Added a `Makefile` for simplified development tasks and dependency management.
- Included initial test cases for new functionalities in the testing framework.

Author: Av7danger

.env.example

@@ -0,0 +1,6 @@
+# Choose one provider/model pair for LiteLLM
+SECNODE_LLM=openai/gpt-4o
+
+# Provider API keys
+OPENAI_API_KEY=
+ANTHROPIC_API_KEY=

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,32 @@
+---
+name: Bug report
+about: Report incorrect behavior or regression
+title: "[Bug] "
+labels: bug
+assignees: ""
+---
+
+## Description
+
+## Steps To Reproduce
+
+1.
+2.
+3.
+
+## Expected Behavior
+
+## Actual Behavior
+
+## Environment
+
+- OS:
+- Python:
+- Model provider:
+- Command run:
+
+## Logs / Traceback
+
+```text
+paste logs
+```

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,17 @@
+---
+name: Feature request
+about: Propose an enhancement
+title: "[Feature] "
+labels: enhancement
+assignees: ""
+---
+
+## Problem Statement
+
+## Proposed Solution
+
+## Alternatives Considered
+
+## Security / Risk Considerations
+
+## Additional Context

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,27 @@
+## Summary
+
+- 
+
+## Why
+
+- 
+
+## Changes
+
+- 
+
+## Test Plan
+
+- [ ] `pytest`
+- [ ] `ruff check src tests`
+- [ ] Manual CLI sanity check
+
+## Security Impact
+
+- [ ] No security impact
+- [ ] Security-sensitive behavior changed (describe below)
+
+## Checklist
+
+- [ ] Documentation updated
+- [ ] Backward compatibility reviewed

.github/workflows/secnode-pentest.yml

@@ -1,10 +1,10 @@
-name: secnode-api-pentest
+name: secnode-api-ci
 
 on:
   pull_request:
 
 jobs:
-  test:
+  lint-test-build:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
@@ -17,11 +17,19 @@ jobs:
       - name: Install dependencies
         run: pip install -r requirements.txt && pip install -e .[dev]
 
-      - name: Run tests
+      - name: Lint
+        run: ruff check src tests
+
+      - name: Run tests with coverage
         run: pytest
 
+      - name: Build package
+        run: |
+          python -m pip install build
+          python -m build
+
   security-scan:
-    needs: test
+    needs: lint-test-build
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4

CODE_OF_CONDUCT.md

@@ -0,0 +1,31 @@
+# Code of Conduct
+
+## Our Pledge
+
+We commit to making participation in this project a harassment-free experience for everyone.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment:
+
+- Respectful and constructive feedback
+- Professional disagreement focused on technical outcomes
+- Responsible disclosure and safe security research practices
+
+Unacceptable behavior includes:
+
+- Harassment, insults, or discriminatory language
+- Publishing private information without consent
+- Any exploit-sharing that can harm real systems
+
+## Enforcement Responsibilities
+
+Project maintainers are responsible for clarifying and enforcing this Code of Conduct and may remove or reject content that violates it.
+
+## Scope
+
+This Code of Conduct applies in project spaces, issue trackers, pull requests, discussions, and community channels linked to this repository.
+
+## Reporting
+
+Report violations privately to maintainers through the security contact process in `SECURITY.md`.

CONTRIBUTING.md

@@ -25,8 +25,7 @@ Thank you for your interest in contributing to SecNode API! This guide will help
 
 3. **Install dependencies**
    ```bash
-   pip install -r requirements.txt
-   pip install -e .[dev]
+   make install-dev
    ```
 
 4. **Configure your LLM provider**
@@ -45,6 +44,14 @@ Thank you for your interest in contributing to SecNode API! This guide will help
    secnodeapi --target https://api.example.com/swagger.json
    ```
 
+### Development quality checks
+
+```bash
+make lint
+make test
+make build
+```
+
 ##  Enhancing the AI Engine
 
 SecNode relies heavily on its `ai/` package (`understand`, `generate`, `validate`) for cognitive test generation and verification.
@@ -79,7 +86,7 @@ SecNode relies heavily on its `ai/` package (`understand`, `generate`, `validate
 - Use Python type hints (`typing`) for all functions and Pydantic models.
 - Write docstrings for all public methods.
 - Keep functions tightly focused and under 100 lines.
-- No `print()` statements — use `structlog` (`logger.info()`, `logger.error()`).
+- Avoid debug `print()` statements in library code; use `structlog` (`logger.info()`, `logger.error()`).
 
 ##  Reporting Issues
 

Makefile

@@ -0,0 +1,30 @@
+PYTHON ?= python
+
+.PHONY: install install-dev lint test test-cov build run clean
+
+install:
+	$(PYTHON) -m pip install -r requirements.txt
+	$(PYTHON) -m pip install -e .
+
+install-dev:
+	$(PYTHON) -m pip install -r requirements.txt
+	$(PYTHON) -m pip install -e .[dev]
+
+lint:
+	ruff check src tests
+
+test:
+	pytest
+
+test-cov:
+	pytest --cov=src/secnodeapi --cov-report=term-missing --cov-fail-under=70
+
+build:
+	$(PYTHON) -m pip install build
+	$(PYTHON) -m build
+
+run:
+	secnodeapi --help
+
+clean:
+	$(PYTHON) -c "import shutil, pathlib; [shutil.rmtree(p, ignore_errors=True) for p in ['dist','build','.pytest_cache','htmlcov']]; [q.unlink() for q in pathlib.Path('.').rglob('*.pyc')]"