Fix/ Long text instruction causes crash (#184)

2025-12-08 20:23:51 +01:00
parent 1edd8eda01
commit 9fedcf1551
2 changed files with 24 additions and 16 deletions
--- a/README.md
+++ b/README.md
@@ -161,7 +161,7 @@ strix -t https://github.com/org/app -t https://your-app.com
 strix --target api.your-app.com --instruction "Focus on business logic flaws and IDOR vulnerabilities"

 # Provide detailed instructions through file (e.g., rules of engagement, scope, exclusions)
-strix --target api.your-app.com --instruction ./instruction.md
+strix --target api.your-app.com --instruction-file ./instruction.md
 ```

 ### 🤖 Headless Mode
--- a/strix/interface/main.py
+++ b/strix/interface/main.py
@@ -263,8 +263,8 @@ Examples:
  strix --target example.com --instruction "Focus on authentication vulnerabilities"

  # Custom instructions (from file)
-  strix --target example.com --instruction ./instructions.txt
-  strix --target https://app.com --instruction /path/to/detailed_instructions.md
+  strix --target example.com --instruction-file ./instructions.txt
+  strix --target https://app.com --instruction-file /path/to/detailed_instructions.md
        """,
    )

@@ -285,9 +285,15 @@ Examples:
        "testing approaches (e.g., 'Perform thorough authentication testing'), "
        "test credentials (e.g., 'Use the following credentials to access the app: "
        "admin:password123'), "
-        "or areas of interest (e.g., 'Check login API endpoint for security issues'). "
-        "You can also provide a path to a file containing detailed instructions "
-        "(e.g., '--instruction ./instructions.txt').",
+        "or areas of interest (e.g., 'Check login API endpoint for security issues').",
+    )
+
+    parser.add_argument(
+        "--instruction-file",
+        type=str,
+        help="Path to a file containing detailed custom instructions for the penetration test. "
+        "Use this option when you have lengthy or complex instructions saved in a file "
+        "(e.g., '--instruction-file ./detailed_instructions.txt').",
    )

    parser.add_argument(
@@ -308,16 +314,18 @@ Examples:

    args = parser.parse_args()

-    if args.instruction:
-        instruction_path = Path(args.instruction)
-        if instruction_path.exists() and instruction_path.is_file():
-            try:
-                with instruction_path.open(encoding="utf-8") as f:
-                    args.instruction = f.read().strip()
-                    if not args.instruction:
-                        parser.error(f"Instruction file '{instruction_path}' is empty")
-            except Exception as e:  # noqa: BLE001
-                parser.error(f"Failed to read instruction file '{instruction_path}': {e}")
+    if args.instruction and args.instruction_file:
+        parser.error("Cannot specify both --instruction and --instruction-file. Use one or the other.")
+
+    if args.instruction_file:
+        instruction_path = Path(args.instruction_file)
+        try:
+            with instruction_path.open(encoding="utf-8") as f:
+                args.instruction = f.read().strip()
+                if not args.instruction:
+                    parser.error(f"Instruction file '{instruction_path}' is empty")
+        except Exception as e:
+            parser.error(f"Failed to read instruction file '{instruction_path}': {e}")

    args.targets_info = []
    for target in args.target: