Merge pull request #87 from westonbrown/claude/issue-81-20251108-1705

refactor: ConfigManager consolidation and operation improvements

Author: westonbrown

README.md

@@ -97,27 +97,43 @@ The React terminal will automatically spawn the Python agent as a subprocess and
 
 #### Single Container
 
+**Interactive Mode (React Terminal UI):**
 ```bash
-# Interactive mode with React terminal
 docker run -it --rm \
-  -e AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \
-  -e AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \
-  -e AWS_REGION=${AWS_REGION:-us-east-1} \
+  -e AZURE_API_KEY=your_azure_key \
+  -e AZURE_API_BASE=https://your-endpoint.openai.azure.com/ \
+  -e AZURE_API_VERSION=2024-12-01-preview \
+  -e CYBER_AGENT_LLM_MODEL=azure/gpt-5 \
+  -e CYBER_AGENT_EMBEDDING_MODEL=azure/text-embedding-3-large \
   -v $(pwd)/outputs:/app/outputs \
-  cyber-autoagent
+  cyberautoagent:latest
+```
 
-# Or start directly with parameters
-docker run -it --rm \
-  -e AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \
-  -e AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \
-  -e AWS_REGION=${AWS_REGION:-us-east-1} \
+**Direct Python Execution (Non-Interactive):**
+```bash
+# Override entrypoint for direct Python execution
+docker run --rm --entrypoint python \
+  -e AZURE_API_KEY=your_azure_key \
+  -e AZURE_API_BASE=https://your-endpoint.openai.azure.com/ \
+  -e AZURE_API_VERSION=2024-12-01-preview \
+  -e CYBER_AGENT_LLM_MODEL=azure/gpt-5 \
+  -e CYBER_AGENT_EMBEDDING_MODEL=azure/text-embedding-3-large \
+  -e REASONING_EFFORT=medium \
   -v $(pwd)/outputs:/app/outputs \
-  cyber-autoagent \
+  cyberautoagent:latest \
+  src/cyberautoagent.py \
   --target "http://testphp.vulnweb.com" \
   --objective "Identify SQL injection vulnerabilities" \
-  --auto-run
+  --iterations 50 \
+  --provider litellm
 ```
 
+**Works with any LiteLLM provider (300+ supported):**
+- Azure OpenAI: `azure/model-name`
+- AWS Bedrock: Use AWS credentials instead
+- OpenRouter: Set `OPENROUTER_API_KEY`, use `openrouter/model-name`
+- Moonshot AI: Set `MOONSHOT_API_KEY`, use `moonshot/model-name`
+
 #### Docker Compose (Full Stack with Observability)
 
 **Setup:** Create `.env` file in project root with your configuration:

docker/Dockerfile

@@ -168,16 +168,20 @@ RUN cd /app/src/modules/interfaces/react && \
     chown -R cyberagent:cyberagent /app/src/modules/interfaces/react
 
 # Install chromium browser for playwright to use
-# We use the PLAYWRIGHT_HOST_PLATFORM_OVERRIDE to force installation of Debian 13 packages on Kali Rolling since
-# Kali Rolling is based off Debian Testing and playwright does not have a specific Kali target.
-RUN env PLAYWRIGHT_HOST_PLATFORM_OVERRIDE="debian13-$(dpkg --print-architecture | sed 's/amd/x/')" uv run playwright install chromium --with-deps && \
+RUN env PLAYWRIGHT_HOST_PLATFORM_OVERRIDE="debian13-$(dpkg --print-architecture | sed 's/amd/x/')" \
+    PLAYWRIGHT_BROWSERS_PATH=/home/cyberagent/.cache/ms-playwright \
+    uv run playwright install chromium --with-deps && \
+    chown -R cyberagent:cyberagent /home/cyberagent/.cache && \
+    CHROME_BIN=$(find /home/cyberagent/.cache/ms-playwright -type f \( -name chrome -o -name chromium \) | head -n 1) && \
+    if [ -n "$CHROME_BIN" ]; then mkdir -p /usr/lib/chromium && ln -sf "$CHROME_BIN" /usr/lib/chromium/chromium; fi && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*
 
 # Environment
 ENV GOPATH="/home/cyberagent/go"
 ENV GOCACHE="/home/cyberagent/go/.cache"
 ENV PATH="/app/.venv/bin:/home/cyberagent/go/bin:$PATH"
+ENV PLAYWRIGHT_BROWSERS_PATH="/home/cyberagent/.cache/ms-playwright"
 ENV PYTHONPATH="/usr/lib/python3/dist-packages:/app/src"
 
 # Pre-install Go-based recon tools (mix of go build and prebuilt binaries)

docs/deployment.md

@@ -2,6 +2,144 @@
 
 This guide covers deployment options for Cyber-AutoAgent in various environments.
 
+## Invocation Methods
+
+Cyber-AutoAgent supports **4 invocation methods**, each with different use cases:
+
+### 1. Python CLI (Direct Execution)
+
+Best for: Automation, scripting, CI/CD pipelines
+
+```bash
+# Configure via environment variables
+export AZURE_API_KEY="your_key"
+export AZURE_API_BASE="https://your-endpoint.openai.azure.com/"
+export AZURE_API_VERSION="2024-12-01-preview"
+export CYBER_AGENT_LLM_MODEL="azure/gpt-5"
+export CYBER_AGENT_EMBEDDING_MODEL="azure/text-embedding-3-large"
+export REASONING_EFFORT="medium"
+
+# Run with uv (recommended)
+uv run python src/cyberautoagent.py \
+  --target "https://example.com" \
+  --objective "Bug bounty assessment" \
+  --iterations 150 \
+  --provider litellm
+```
+
+### 2. NPM Auto-Run (Config File)
+
+Best for: Repeated testing with saved config, development
+
+```bash
+# Uses ~/.cyber-autoagent/config.json for settings
+cd src/modules/interfaces/react
+npm start -- --auto-run \
+  --target "https://example.com" \
+  --objective "Security assessment" \
+  --iterations 50
+```
+
+**Configure via** `~/.cyber-autoagent/config.json`:
+```json
+{
+  "modelProvider": "litellm",
+  "modelId": "azure/gpt-5",
+  "embeddingModel": "azure/text-embedding-3-large",
+  "azureApiKey": "your_key",
+  "azureApiBase": "https://your-endpoint.openai.azure.com/",
+  "azureApiVersion": "2024-12-01-preview",
+  "reasoningEffort": "medium"
+}
+```
+
+### 3. Docker (Standalone Container)
+
+Best for: Isolated environments, clean tooling, reproducibility
+
+**With Interactive React Terminal:**
+```bash
+docker run -it --rm \
+  -e AZURE_API_KEY=your_key \
+  -e AZURE_API_BASE=https://your-endpoint.openai.azure.com/ \
+  -e CYBER_AGENT_LLM_MODEL=azure/gpt-5 \
+  -v $(pwd)/outputs:/app/outputs \
+  cyberautoagent:latest
+```
+
+**Direct Python Execution (Override Entrypoint):**
+```bash
+docker run --rm --entrypoint python \
+  -e AZURE_API_KEY=your_key \
+  -e AZURE_API_BASE=https://your-endpoint.openai.azure.com/ \
+  -e AZURE_API_VERSION=2024-12-01-preview \
+  -e CYBER_AGENT_LLM_MODEL=azure/gpt-5 \
+  -e CYBER_AGENT_EMBEDDING_MODEL=azure/text-embedding-3-large \
+  -e REASONING_EFFORT=medium \
+  -v $(pwd)/outputs:/app/outputs \
+  cyberautoagent:latest \
+  src/cyberautoagent.py \
+  --target https://example.com \
+  --objective "Security assessment" \
+  --iterations 50 \
+  --provider litellm
+```
+
+### 4. Docker Compose (Full Stack)
+
+Best for: Observability, team deployments, production monitoring
+
+```bash
+# Uses docker/.env for configuration
+docker compose -f docker/docker-compose.yml up -d
+```
+
+## Universal Provider Support
+
+Cyber-AutoAgent supports **300+ LLM providers** via LiteLLM. Examples:
+
+**Azure OpenAI:**
+```bash
+-e AZURE_API_KEY=your_key
+-e AZURE_API_BASE=https://your-endpoint.openai.azure.com/
+-e AZURE_API_VERSION=2024-12-01-preview
+-e CYBER_AGENT_LLM_MODEL=azure/gpt-5
+-e CYBER_AGENT_EMBEDDING_MODEL=azure/text-embedding-3-large
+```
+
+**AWS Bedrock:**
+```bash
+-e AWS_ACCESS_KEY_ID=your_key
+-e AWS_SECRET_ACCESS_KEY=your_secret
+-e CYBER_AGENT_LLM_MODEL=us.anthropic.claude-sonnet-4-5-20250929-v1:0
+-e CYBER_AGENT_EMBEDDING_MODEL=amazon.titan-embed-text-v2:0
+```
+
+**OpenRouter:**
+```bash
+-e OPENROUTER_API_KEY=your_key
+-e CYBER_AGENT_LLM_MODEL=openrouter/openrouter/polaris-alpha
+-e CYBER_AGENT_EMBEDDING_MODEL=azure/text-embedding-3-large
+```
+
+**Moonshot AI:**
+```bash
+-e MOONSHOT_API_KEY=your_key
+-e OPENAI_API_KEY=your_key  # Required for Mem0 OpenAI-compatible providers
+-e CYBER_AGENT_LLM_MODEL=moonshot/kimi-k2-thinking
+-e CYBER_AGENT_EMBEDDING_MODEL=azure/text-embedding-3-large
+-e MEM0_LLM_MODEL=azure/gpt-4o  # Memory system LLM (use Azure/Anthropic/Bedrock for Mem0)
+-e AZURE_API_KEY=azure_key  # Required for embeddings and Mem0
+-e AZURE_API_BASE=https://your-endpoint.openai.azure.com/
+-e AZURE_API_VERSION=2024-12-01-preview
+```
+
+**Note:** When using OpenAI-compatible providers (Moonshot, OpenRouter, etc.) with Mem0, you must:
+1. Set `OPENAI_API_KEY` to the provider's API key for Mem0 compatibility
+2. Use a supported Mem0 provider (Azure, OpenAI, Anthropic, Bedrock) for `MEM0_LLM_MODEL`
+
+**Mixed Providers:** You can combine any LLM with any embedding model!
+
 ## Quick Start
 
 ### Using Docker (Recommended)

docs/prompt_management.md

@@ -63,9 +63,8 @@ src/modules/operation_plugins/
 │   ├── execution_prompt.md    # Domain-specific system prompt
 │   ├── report_prompt.md       # Report generation guidance
 │   ├── module.yaml            # Module configuration
-│   └── tools/                 # Module-specific tools
-│       ├── __init__.py
-│       └── quick_recon.py
+│   └── tools/                 # Module-specific tools / specialist agents
+│       └── validation_specialist.py
 └── ctf/
     ├── execution_prompt.md
     ├── report_prompt.md
@@ -83,6 +82,7 @@ configuration:
 
 **Available Modules**:
 - **general**: Comprehensive web application and network security testing
+  - Includes the `validation_specialist` tool (invoked via `load_tool("validation_specialist")`) and can be extended with additional specialist agents following the same pattern.
 - **ctf**: CTF challenge solving with flag recognition and success detection
 
 ## Prompt Loading System
@@ -360,4 +360,4 @@ agent, callback_handler = create_agent(
 ```
 
 
-The module system provides a powerful way to specialize Cyber-AutoAgent for different security domains while maintaining consistent core functionality and user experience.
+The module system provides a powerful way to specialize Cyber-AutoAgent for different security domains while maintaining consistent core functionality and user experience.

docs/user-instructions.md

@@ -36,9 +36,52 @@ Select during setup or change via `/setup` command.
 
 ## Configuration
 
-Configuration persists to `~/.cyber-autoagent/config.json`.
+Cyber-AutoAgent offers **3 configuration methods**:
 
-### Model Providers
+### Method 1: Config Editor UI (Recommended)
+
+Launch the React interface to configure via UI:
+
+```bash
+cd src/modules/interfaces/react
+npm start
+```
+
+**In the Terminal:**
+1. Type `/config` to open Config Editor
+2. Select **Provider**: `litellm` (supports 300+ models)
+3. Configure **LLM Settings**:
+   - Model ID: `azure/gpt-5`, `moonshot/kimi-k2-thinking`, `openrouter/openrouter/polaris-alpha`
+   - Temperature: `1.0` (for reasoning models) or `0.95` (default)
+   - Max Tokens: `32000`
+   - Reasoning Effort: `medium` (for GPT-5/o1 models)
+4. Configure **Embedding Model**: `azure/text-embedding-3-large`
+5. Add **Provider Credentials**:
+   - Azure: API Key, API Base, API Version
+   - Moonshot: API Key
+   - OpenRouter: API Key
+6. Save settings - persists to `~/.cyber-autoagent/config.json`
+7. Type `/help` for available commands
+
+**Using Saved Config:**
+```bash
+# Auto-run uses saved config
+npm start -- --auto-run --target https://example.com --iterations 50
+```
+
+### Method 2: Environment Variables
+
+Direct configuration for Python CLI:
+
+**Azure OpenAI (GPT-5):**
+```bash
+export AZURE_API_KEY=your_key
+export AZURE_API_BASE=https://your-endpoint.openai.azure.com/
+export AZURE_API_VERSION=2024-12-01-preview
+export CYBER_AGENT_LLM_MODEL=azure/gpt-5
+export CYBER_AGENT_EMBEDDING_MODEL=azure/text-embedding-3-large
+export REASONING_EFFORT=medium
+```
 
 **AWS Bedrock:**
 ```bash
@@ -47,6 +90,21 @@ export AWS_SECRET_ACCESS_KEY=your_secret
 export AWS_REGION=us-east-1
 ```
 
+**OpenRouter:**
+```bash
+export OPENROUTER_API_KEY=your_key
+export CYBER_AGENT_LLM_MODEL=openrouter/openrouter/polaris-alpha
+export CYBER_AGENT_EMBEDDING_MODEL=azure/text-embedding-3-large
+```
+
+**Moonshot AI:**
+```bash
+export MOONSHOT_API_KEY=your_key
+export CYBER_AGENT_LLM_MODEL=moonshot/kimi-k2-thinking
+export CYBER_AGENT_EMBEDDING_MODEL=azure/text-embedding-3-large
+export MEM0_LLM_MODEL=azure/gpt-4o  # Separate LLM for memory system
+```
+
 **Ollama (Local):**
 ```bash
 ollama serve
@@ -61,6 +119,28 @@ export OPENAI_API_KEY=your_key
 export ANTHROPIC_API_KEY=your_key
 ```
 
+### Method 3: Config File (Direct Edit)
+
+Advanced users can directly edit `~/.cyber-autoagent/config.json`:
+
+```json
+{
+  "modelProvider": "litellm",
+  "modelId": "azure/gpt-5",
+  "embeddingModel": "azure/text-embedding-3-large",
+  "temperature": 1.0,
+  "maxTokens": 32000,
+  "reasoningEffort": "medium",
+  "azureApiKey": "your_key",
+  "azureApiBase": "https://your-endpoint.openai.azure.com/",
+  "azureApiVersion": "2024-12-01-preview",
+  "observability": false,
+  "autoEvaluation": false
+}
+```
+
+**Supported Providers:** `bedrock`, `ollama`, `litellm` (300+ models)
+
 ### Configuration Commands
 
 | Command | Function |

pyproject.toml

@@ -29,9 +29,12 @@ classifiers = [
 ]
 requires-python = ">=3.10,<3.14"
 dependencies = [
-    "strands-agents[ollama,otel,litellm]==1.11.0",
-    "strands-agents-tools==0.2.9",
-    "mem0ai",
+    "strands-agents[ollama,otel,litellm]>=1.11.0",
+    "strands-agents-tools>=0.2.9",
+    "mem0ai>=0.1.116",
+    "google-genai>=0.3.0",
+    "litellm>=1.79.1",
+    "azure-identity>=1.15.0",
     "boto3>=1.39.10",
     "botocore>=1.39.10",
     "faiss-cpu",