From 9fedcf155148dd9e08fe84e749320e2bf1fa1c1d Mon Sep 17 00:00:00 2001
From: Alexander De Battista Kvamme
Date: Mon, 8 Dec 2025 20:23:51 +0100
Subject: [PATCH] Fix/ Long text instruction causes crash (#184)
---
README.md | 2 +-
strix/interface/main.py | 38 +++++++++++++++++++++++---------------
2 files changed, 24 insertions(+), 16 deletions(-)
diff --git a/README.md b/README.md
index d861378..12bb3d5 100644
--- a/README.md
+++ b/README.md
@@ -161,7 +161,7 @@ strix -t https://github.com/org/app -t https://your-app.com strix --target api.your-app.com --instruction "Focus on business logic flaws and IDOR vulnerabilities" # Provide detailed instructions through file (e.g., rules of engagement, scope, exclusions)
-strix --target api.your-app.com --instruction ./instruction.md
+strix --target api.your-app.com --instruction-file ./instruction.md
 ``` ### 🤖 Headless Mode
diff --git a/strix/interface/main.py b/strix/interface/main.py
index 6d48227..5b6b1ed 100644
--- a/strix/interface/main.py
+++ b/strix/interface/main.py
@@ -263,8 +263,8 @@ Examples: strix --target example.com --instruction "Focus on authentication vulnerabilities" # Custom instructions (from file)
- strix --target example.com --instruction ./instructions.txt
- strix --target https://app.com --instruction /path/to/detailed_instructions.md
+ strix --target example.com --instruction-file ./instructions.txt
+ strix --target https://app.com --instruction-file /path/to/detailed_instructions.md
 """, )
@@ -285,9 +285,15 @@ Examples: "testing approaches (e.g., 'Perform thorough authentication testing'), " "test credentials (e.g., 'Use the following credentials to access the app: " "admin:password123'), "
- "or areas of interest (e.g., 'Check login API endpoint for security issues'). "
- "You can also provide a path to a file containing detailed instructions "
- "(e.g., '--instruction ./instructions.txt').",
+ "or areas of interest (e.g., 'Check login API endpoint for security issues').",
+ )
+
+ parser.add_argument(
+ "--instruction-file",
+ type=str,
+ help="Path to a file containing detailed custom instructions for the penetration test. "
+ "Use this option when you have lengthy or complex instructions saved in a file "
+ "(e.g., '--instruction-file ./detailed_instructions.txt').",
 ) parser.add_argument(
@@ -308,16 +314,18 @@ Examples: args = parser.parse_args()
- if args.instruction:
- instruction_path = Path(args.instruction)
- if instruction_path.exists() and instruction_path.is_file():
- try:
- with instruction_path.open(encoding="utf-8") as f:
- args.instruction = f.read().strip()
- if not args.instruction:
- parser.error(f"Instruction file '{instruction_path}' is empty")
- except Exception as e: # noqa: BLE001
- parser.error(f"Failed to read instruction file '{instruction_path}': {e}")
+ if args.instruction and args.instruction_file:
+ parser.error("Cannot specify both --instruction and --instruction-file. Use one or the other.")
+
+ if args.instruction_file:
+ instruction_path = Path(args.instruction_file)
+ try:
+ with instruction_path.open(encoding="utf-8") as f:
+ args.instruction = f.read().strip()
+ if not args.instruction:
+ parser.error(f"Instruction file '{instruction_path}' is empty")
+ except Exception as e:
+ parser.error(f"Failed to read instruction file '{instruction_path}': {e}")
 args.targets_info = [] for target in args.target:
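Review bot: The help text for the new `--instruction-file` option (hunk `@@ -285,9 +285,15 @@`) does not say that a file is the better place for test credentials, while the `--instruction` help kept just above it still shows them passed inline (`admin:password123`). Command-line arguments commonly end up in shell history and process listings, so I would add one sentence to the new help string, e.g. `"Prefer this option when the instructions contain test credentials, since command-line arguments can be recorded in shell history and process listings."`. The `add_argument` call for `--instruction` starts outside this hunk, so its full help text is not visible here.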
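Review bot: A caller that still passes a path to `--instruction` is no longer handled in the hunk after `parser.parse_args()` (`@@ -308,16 +314,18 @@`): the path string itself becomes the instruction and the file is never read, with no warning. The README describes that file as holding rules of engagement, scope and exclusions, so an old invocation would run without them. I would reject a `--instruction` value that names an existing file and point to `--instruction-file`, guarding the path probe so long free-text values cannot raise, which appears to be the crash this commit fixes. Separately, `# noqa: BLE001` was dropped while `except Exception` stayed; `except (OSError, UnicodeDecodeError) as e:` names what the read can raise. The enclosing function starts and ends outside the hunk.

```python
    if args.instruction and args.instruction_file:
        # … unchanged: parser.error for the conflicting options …

    if args.instruction and not args.instruction_file:
        try:
            names_a_file = Path(args.instruction).is_file()
        except (OSError, ValueError):
            # Long free-text instructions are not valid paths; treat them as text.
            names_a_file = False
        if names_a_file:
            parser.error(
                f"'{args.instruction}' is a file; pass it with --instruction-file"
            )

    # … unchanged: reading of args.instruction_file …
```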