LuaN1aoAgent is configured entirely through environment variables, loaded from a .env file at startup via python-dotenv. Copy .env.example to .env and edit the values before running the agent.
Complete .env example
.env
Variables marked required have no default and will cause the agent to fail at startup if unset. All others are optional and fall back to the documented defaults.
Core scenario
Sets the overall operating mode.
| Value | Description |
|---|---|
| general | Full-featured mode for real-world and internal-network pentests. All tools enabled. |
| ctf | Optimised for Capture-the-Flag competitions. Disables large-scale scanning tools and activates CTF-specific prompt tuning. |
Output
Controls how much information is printed to the console during a run. See Output Modes for a full comparison.
| Value | Description |
|---|---|
| simple | Minimal output — core results only. |
| default | Standard output for normal use. |
| debug | Verbose output, equivalent to --verbose. |
Language used for internal agent prompts.
| Value | Description |
|---|---|
| zh | Chinese (default) |
| en | English |
LLM API
API key for the primary LLM service. Required — the agent will not start without this value.
Base URL for the OpenAI-compatible API endpoint. Override this to use a third-party provider such as DeepSeek or a local proxy.
Secondary API key used automatically when the primary key encounters a 429 rate-limit error. If unset, the agent performs exponential back-off on the primary key instead.
LLM models
Each agent role can be assigned an independent model. This lets you run an inexpensive fast model for the executor while reserving your strongest model for the planner.
Fallback model used by any role that does not have an explicit model configured.
Model for the Planner role, which builds the attack task graph. Assign your strongest model here.
Model for the Executor role, which runs tools step-by-step within a task.
Model for the Reflector role, which performs causal analysis and updates the knowledge graph.
Model for the Expert Analysis role, invoked by the expert_analysis MCP tool when the executor escalates a hard problem.
Model used to compress long conversation history. Falls back to LLM_DEFAULT_MODEL when not set.
Model for the binary yes/no reflector validation step. Defaults to LLM_REFLECTOR_MODEL.
Model used when the planner triggers a crisis re-planning event. Defaults to LLM_PLANNER_MODEL.
LLM advanced
When true, the agent injects an extra_body field into OpenAI-compatible API requests. This is required to enable thinking-mode features on providers that support it (e.g., extra_body: {thinking: "hidden"}). Has no effect when LLM_PROVIDER=anthropic.
Default thinking-mode setting applied to all roles unless a per-role override is present. Only takes effect when LLM_EXTRA_BODY_ENABLED=true.
| Value | Description |
|---|---|
| off | Thinking mode disabled (no extra_body injected). |
| hidden | Thinking enabled; chain-of-thought not returned in the response. |
| visible | Thinking enabled; chain-of-thought returned in reasoning_content or similar. |
LLM_<ROLE>_THINKING. All fall back to LLM_DEFAULT_THINKING if unset:
| Variable | Role |
|---|---|
| LLM_PLANNER_THINKING | Planner |
| LLM_EXECUTOR_THINKING | Executor |
| LLM_REFLECTOR_THINKING | Reflector |
| LLM_EXPERT_THINKING | Expert Analysis |
| LLM_SUMMARIZER_THINKING | Summarizer |
| LLM_REFLECTOR_VALIDATOR_THINKING | Reflector Validator |
| LLM_PLANNER_CRISIS_EXPERT_THINKING | Planner Crisis Expert |
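The thinking-mode rules above interact across three variables, so a pre-flight check over the parsed .env helps catch settings that silently do nothing. The following is an added example, not code from the LuaN1aoAgent project. It assumes that an unset LLM_DEFAULT_THINKING means off, that an unset LLM_PROVIDER means openai, and that only the literal value true enables LLM_EXTRA_BODY_ENABLED; the function name resolve_thinking is hypothetical.

```python
ROLES = ("PLANNER", "EXECUTOR", "REFLECTOR", "EXPERT", "SUMMARIZER",
         "REFLECTOR_VALIDATOR", "PLANNER_CRISIS_EXPERT")
MODES = ("off", "hidden", "visible")


def resolve_thinking(env):
    """Return ({role: effective mode}, [warnings]) for an env-style mapping."""
    warnings = []
    known = {f"LLM_{r}_THINKING" for r in ROLES} | {"LLM_DEFAULT_THINKING"}
    # A misspelled override is never read by an env-based loader, so flag it.
    for name in sorted(env):
        if name.startswith("LLM_") and name.endswith("_THINKING") and name not in known:
            warnings.append(f"{name}: not a documented variable, ignored")

    def mode_of(name, fallback):
        value = env.get(name, "").strip().lower()
        if value in MODES:
            return value
        if value:
            warnings.append(f"{name}={value!r}: not one of {MODES}, using {fallback!r}")
        return fallback

    default = mode_of("LLM_DEFAULT_THINKING", "off")  # assumption: unset means off
    requested = {r: mode_of(f"LLM_{r}_THINKING", default) for r in ROLES}
    # Assumptions: unset provider means "openai"; only "true" enables extra_body.
    provider = env.get("LLM_PROVIDER", "openai").strip().lower()
    enabled = env.get("LLM_EXTRA_BODY_ENABLED", "").strip().lower() == "true"
    if provider != "anthropic" and enabled:
        return requested, warnings
    # extra_body is never injected here, so every thinking setting is inert.
    for role, mode in requested.items():
        if mode != "off":
            warnings.append(f"LLM_{role}_THINKING resolves to {mode!r} but is inert")
    return {r: "off" for r in ROLES}, warnings


# Constructed sample configuration (not the project's .env.example).
SAMPLE = {
    "LLM_PROVIDER": "openai",
    "LLM_EXTRA_BODY_ENABLED": "true",
    "LLM_DEFAULT_THINKING": "hidden",
    "LLM_PLANNER_THINKING": "visible",
    "LLM_EXECUTOR_THINKING": "verbose",  # invalid value
    "LLM_REFLECTER_THINKING": "off",     # misspelled role
}

if __name__ == "__main__":
    print(resolve_thinking(SAMPLE))
```

To check a real configuration, pass dict(os.environ) after python-dotenv's load_dotenv() has run.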
LLM providers
Selects the LLM backend.
See LLM Providers for full configuration examples.
| Value | Description |
|---|---|
| openai | OpenAI or any compatible API (DeepSeek, local proxies, etc.). |
| anthropic | Anthropic Claude native API. |
API key for the Anthropic API. Defaults to the value of LLM_API_KEY when not explicitly set.
Endpoint for the Anthropic Messages API.
Fallback key for Anthropic rate-limit handling. Defaults to LLM_FALLBACK_API_KEY.
Value sent in the anthropic-version request header.
ANTHROPIC_<ROLE>_MODEL:
| Variable | Default |
|---|---|
| ANTHROPIC_DEFAULT_MODEL | claude-3-5-sonnet-20240620 |
| ANTHROPIC_PLANNER_MODEL | claude-3-5-sonnet-20240620 |
| ANTHROPIC_EXECUTOR_MODEL | claude-3-5-sonnet-20240620 |
| ANTHROPIC_REFLECTOR_MODEL | claude-3-5-sonnet-20240620 |
| ANTHROPIC_EXPERT_MODEL | claude-3-5-sonnet-20240620 |
| ANTHROPIC_SUMMARIZER_MODEL | ANTHROPIC_DEFAULT_MODEL |
| ANTHROPIC_REFLECTOR_VALIDATOR_MODEL | ANTHROPIC_REFLECTOR_MODEL |
| ANTHROPIC_PLANNER_CRISIS_EXPERT_MODEL | ANTHROPIC_PLANNER_MODEL |
Executor behavior
Maximum number of tool-call steps the executor may take within a single task cycle before forcing termination.
Number of messages in the executor’s context window that triggers history compression.
Token count in the executor context that triggers compression, regardless of message count.
If the executor completes this many consecutive steps without producing a new artifact (finding, credential, flag, etc.), the cycle is terminated. Must be less than EXECUTOR_MAX_STEPS.
Number of consecutive tool failures that triggers a strategy switch.
Number of most-recent messages preserved verbatim when compressing history.
Minimum message count required before compression is considered.
How many execution rounds must pass between successive compressions.
Message count threshold evaluated at each compression interval.
Default tool execution timeout in seconds. Used for any tool that does not have its own TOOL_TIMEOUT_* override.
Maximum characters retained from a single tool output. Longer outputs are truncated before being fed back to the LLM.
Hard cap on the total number of Planner-Executor-Reflector (P-E-R) cycles. Acts as a safety circuit-breaker against infinite loops.
Hard cap on cumulative token consumption across the entire run. The agent halts when this limit is reached.
Per-tool timeout overrides
Each tool can have its timeout adjusted independently. Unrecognised tools fall back to EXECUTOR_TOOL_TIMEOUT.
| Variable | Tool | Default (seconds) |
|---|---|---|
| TOOL_TIMEOUT_SQLMAP | sqlmap_tool | 600 |
| TOOL_TIMEOUT_NUCLEI | nuclei_scan | 300 |
| TOOL_TIMEOUT_DIRSEARCH | dirsearch_scan | 300 |
| TOOL_TIMEOUT_CONCURRENCY | concurrency_test | 180 |
| TOOL_TIMEOUT_HTTP | http_request | 60 |
| TOOL_TIMEOUT_SHELL | shell_exec | 120 |
| TOOL_TIMEOUT_PYTHON | python_exec | 300 |
| TOOL_TIMEOUT_WEB_SEARCH | web_search | 30 |
| TOOL_TIMEOUT_SEARCH_EXPLOIT | search_exploit | 30 |
| TOOL_TIMEOUT_THINK | think | 30 |
| TOOL_TIMEOUT_HYPOTHESES | formulate_hypotheses | 30 |
| TOOL_TIMEOUT_REFLECT | reflect_on_failure | 30 |
| TOOL_TIMEOUT_EXPERT | expert_analysis | 60 |
| TOOL_TIMEOUT_RETRIEVE | retrieve_knowledge | 15 |
| TOOL_TIMEOUT_DISTILL | distill_knowledge | 20 |
Context management
Number of past P-E-R cycle summaries the Planner can see when building a new plan.
Number of recent reflection log entries available to the Reflector when updating the causal graph.
Ablation
These variables are primarily for research and ablation studies. Changing them disables architectural components of the agent.
Controls which agent architecture is active.
| Value | Description |
|---|---|
| default | Full P-E-R (Planner-Executor-Reflector) mode with dynamic task graph. |
| linear | Linear mode — task graph disabled, no dynamic branching. |
| react | Pure ReAct mode — Executor only, Planner and Reflector disabled. |
When true, disables the Reflector’s causal graph updates and the Planner’s causal reasoning. The agent reverts to a simple memory model.
Web service
Host address the Web UI server binds to. Set to 0.0.0.0 to expose the UI on all network interfaces.
Port for the Web UI server.
Knowledge service
Host where the RAG knowledge service is running.
Port for the RAG knowledge service.
Full URL for the knowledge service. Constructed automatically from host and port when not set explicitly. Override this when the service runs on a different machine.
Human-in-the-loop (HITL)
When true, the agent pauses after generating each plan and waits for human approval via the Web UI or CLI before execution begins. Useful for supervised red-team engagements.
RAG knowledge service
Maximum character length for each knowledge snippet returned by the retrieval service.
Default number of top results returned by the RAG service when top_k is not specified in the tool call.
LLM request behavior
Timeout in seconds for individual LLM API requests.
Maximum number of retry attempts for failed LLM API requests before the agent raises an error.
Built-in temperature defaults
Temperature values for each role are defined in conf/config.py in the LLM_TEMPERATURES dict. They are not currently overridable via environment variables — to change them, edit the dict directly.
| Role | Default temperature | Notes |
|---|---|---|
| Planner | 0.5 | Higher value enables diverse strategy generation |
| Executor | 0.3 | Stable, reliable tool-calling behavior |
| Reflector | 0.2 | Precise analysis and judgment |
| Expert Analysis | 0.7 | More creative problem-solving |
| Summarizer | 0.2 | Stable, concise summarization |
| Reflector Validator | 0.1 | Binary yes/no judgment needs high determinism |
| Planner Crisis Expert | 0.4 | Balanced stability and exploration for crisis replanning |
Logging
Python logging level for internal service logs (not the console output controlled by OUTPUT_MODE).
| Value | Description |
|---|---|
| DEBUG | Verbose internal logging |
| INFO | Standard operational messages |
| WARNING | Warnings only |
| ERROR | Errors only |