# ============================================================================= # AASRT - AI Agent Security Reconnaissance Tool # Environment Configuration Template # ============================================================================= # Copy this file to .env and fill in your values # NEVER commit your .env file to version control! # ============================================================================= # ----------------------------------------------------------------------------- # REQUIRED: Shodan API Configuration # ----------------------------------------------------------------------------- # Get your API key from: https://account.shodan.io/ SHODAN_API_KEY=your_shodan_api_key_here # ----------------------------------------------------------------------------- # OPTIONAL: Application Settings # ----------------------------------------------------------------------------- # Log level: DEBUG, INFO, WARNING, ERROR, CRITICAL AASRT_LOG_LEVEL=INFO # Environment: development, staging, production AASRT_ENVIRONMENT=production # Enable debug mode (set to false in production!) AASRT_DEBUG=false # ----------------------------------------------------------------------------- # OPTIONAL: Database Configuration # ----------------------------------------------------------------------------- # For SQLite (default): Leave these empty, uses ./data/scanner.db # For PostgreSQL: Uncomment and fill in the values below # DB_TYPE=postgresql # DB_HOST=localhost # DB_PORT=5432 # DB_NAME=aasrt # DB_USER=aasrt_user # DB_PASSWORD=your_secure_password_here # DB_SSL_MODE=require # ----------------------------------------------------------------------------- # OPTIONAL: ClawSec Threat Intelligence # ----------------------------------------------------------------------------- # ClawSec feed URL (default: https://clawsec.prompt.security/advisories/feed.json) # CLAWSEC_FEED_URL=https://clawsec.prompt.security/advisories/feed.json # Cache settings # CLAWSEC_CACHE_TTL=86400 # CLAWSEC_OFFLINE_MODE=false # ----------------------------------------------------------------------------- # OPTIONAL: Security Settings # ----------------------------------------------------------------------------- # Secret key for session management (generate a random 32+ char string) # AASRT_SECRET_KEY=your_random_secret_key_here # Allowed hosts (comma-separated, for production deployment) # AASRT_ALLOWED_HOSTS=localhost,127.0.0.1 # Maximum results per scan (rate limiting) # AASRT_MAX_RESULTS=500 # ----------------------------------------------------------------------------- # OPTIONAL: Streamlit Configuration # ----------------------------------------------------------------------------- # Streamlit server settings # STREAMLIT_SERVER_PORT=8501 # STREAMLIT_SERVER_ADDRESS=0.0.0.0 # STREAMLIT_SERVER_HEADLESS=true # STREAMLIT_BROWSER_GATHER_USAGE_STATS=false # ----------------------------------------------------------------------------- # OPTIONAL: Alerting & Notifications (Future) # ----------------------------------------------------------------------------- # Slack webhook URL for critical findings # SLACK_WEBHOOK_URL= # Email notifications # SMTP_HOST= # SMTP_PORT=587 # SMTP_USER= # SMTP_PASSWORD= # ALERT_EMAIL_TO=