Environment Variables

Complete reference for .env configuration. Copy .env.example to .env and set what you need.

API Providers

Anthropic (Native)

Variable	Required	Default	Description
`ANTHROPIC_AUTH_TOKEN`	Yes	—	API key or bearer token
`ANTHROPIC_BASE_URL`	No	`https://api.anthropic.com`	Base URL (also used for OpenRouter)
`ANTHROPIC_MODEL`	No	—	Override the default model

env

ANTHROPIC_AUTH_TOKEN=sk-ant-...
ANTHROPIC_BASE_URL=https://api.anthropic.com

OpenAI / OpenAI-Compatible

Variable	Required	Default	Description
`CLAUDE_CODE_USE_OPENAI`	Yes	`0`	Set to `1` to enable OpenAI-compatible mode
`OPENAI_API_KEY`	Yes	—	API key
`OPENAI_BASE_URL`	No	`https://api.openai.com/v1`	Base URL for OpenAI-compatible providers
`OPENAI_MODEL`	No	—	Model name override

env

CLAUDE_CODE_USE_OPENAI=1
OPENAI_API_KEY=sk-...
OPENAI_BASE_URL=https://opencode.ai/zen/go/v1
OPENAI_MODEL=deepseek-v4-pro:opencode-go

Model Defaults

These set which model variant the platform uses for each tier.

Variable	Purpose
`ANTHROPIC_DEFAULT_SONNET_MODEL`	Model used for Sonnet-tier tasks (fast, routine)
`ANTHROPIC_DEFAULT_HAIKU_MODEL`	Model used for Haiku-tier tasks (lightweight, parallel)
`ANTHROPIC_DEFAULT_OPUS_MODEL`	Model used for Opus-tier tasks (heavy reasoning)

env

ANTHROPIC_DEFAULT_OPUS_MODEL=deepseek-v4-pro:opencode-go
ANTHROPIC_DEFAULT_SONNET_MODEL=deepseek-v4-pro:opencode-go
ANTHROPIC_DEFAULT_HAIKU_MODEL=deepseek-v4-pro:opencode-go

Kali Container

Variable	Default	Description
`ALLYSEC_KALI_IMAGE`	`ghcr.io/allyseclabs/allysec-kali-full:latest`	Docker image for the Kali container
`ALLYSEC_KALI_CONTAINER`	`allysec-kali`	Container name
`ALLYSEC_AUTO_DEPLOY`	`1`	Auto-pull and deploy the Kali container
`ALLYSEC_AUTO_INSTALL`	`1`	Auto-install missing tools inside the container
`GHCR_TOKEN`	—	GitHub Container Registry token (for private images)

env

ALLYSEC_KALI_IMAGE=ghcr.io/allyseclabs/allysec-kali-full:latest
ALLYSEC_KALI_CONTAINER=allysec-kali
ALLYSEC_AUTO_DEPLOY=1
ALLYSEC_AUTO_INSTALL=1

Knowledge Base

Controls where engagement data, findings, and lessons are stored.

Variable	Default	Description
`KB_CONFIG_TYPE`	`sqlite`	Storage backend: `sqlite`, `postgres`, or `dual`
`PG_CONNECTION_STRING`	—	Full PostgreSQL connection URI (takes precedence over individual vars)
`KB_PG_HOST`	`localhost`	PostgreSQL host
`KB_PG_PORT`	`5432`	PostgreSQL port
`KB_PG_DATABASE`	`allysec`	Database name
`KB_PG_USER`	`allysec`	Database user
`KB_PG_PASSWORD`	—	Database password

env

# Local SQLite (default, zero config)
KB_CONFIG_TYPE=sqlite

# PostgreSQL
KB_CONFIG_TYPE=postgres
PG_CONNECTION_STRING=postgresql://allysec:password@host:5432/allysec

# Dual — writes to both SQLite and PostgreSQL
KB_CONFIG_TYPE=dual

Credential Pooling

Supply a pool of credentials for testing authentication across multiple targets. The platform rotates through them based on the strategy.

Variable	Description
`ALLYSEC_CREDENTIAL_POOL`	JSON array of credential objects
`ALLYSEC_CREDENTIAL_STRATEGY`	Rotation strategy: `fill_first`, `round_robin`, `random`, `least_used`

env

ALLYSEC_CREDENTIAL_POOL='[{"email":"user1@example.com","password":"pass1"},{"email":"user2@example.com","password":"pass2"}]'
ALLYSEC_CREDENTIAL_STRATEGY=round_robin

Telemetry & Privacy

Variable	Effect
`DISABLE_TELEMETRY=1`	Disable usage telemetry
`CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1`	Block all non-essential outbound requests

Other

Variable	Default	Description
`API_TIMEOUT_MS`	`300000`	API request timeout in milliseconds

Quick Start -- Third-Party Models

Environment Variables ​

API Providers ​

Anthropic (Native) ​

OpenAI / OpenAI-Compatible ​

Model Defaults ​

Kali Container ​

Knowledge Base ​

Credential Pooling ​

Telemetry & Privacy ​

Other ​