{"allowed_actions":["Open hosted-safe status and reporting tools","Create lab-job requests for later execution","Review required local capabilities and node status","Export readiness and executive report data"],"blocked_actions":["No network scans from Render","No mobile instrumentation from Render","No OSINT harvesting from Render","No code or infrastructure scanning from Render without an approved node"],"kali_backup_features":[{"mode":"authorized lab node only","name":"Network reconnaissance readiness","tools":["nmap","amass","subfinder","dnsutils"]},{"mode":"authorized lab node only","name":"Web and application review readiness","tools":["semgrep","trivy","gitleaks","bandit","checkov"]},{"mode":"authorized test devices only","name":"Mobile inspection readiness","tools":["apktool","adb","frida-tools"]},{"mode":"safe inventory and report inputs","name":"Evidence and reporting support","tools":["syft","grype","osv-scanner"]}],"mode":"cloud_fallback","portal":"/tools","queue":{"endpoint":"/api/fallback/queue","pending":0},"requires_mac_or_lab_node":[{"id":"nmap","name":"Network Enumeration","queue_endpoint":"/api/tools/nmap/queue","required_capabilities":["nmap"]},{"id":"apktool","name":"Application Inspection","queue_endpoint":"/api/tools/apktool/queue","required_capabilities":["apktool"]},{"id":"frida","name":"Mobile Instrumentation","queue_endpoint":"/api/tools/frida/queue","required_capabilities":["frida-tools"]},{"id":"theHarvester","name":"Email & Domain Harvesting","queue_endpoint":"/api/tools/theHarvester/queue","required_capabilities":["theHarvester"]},{"id":"amass","name":"Attack Surface Mapping","queue_endpoint":"/api/tools/amass/queue","required_capabilities":["amass"]},{"id":"sherlock","name":"Username OSINT","queue_endpoint":"/api/tools/sherlock/queue","required_capabilities":["sherlock"]},{"id":"whois_dns","name":"Whois & DNS Lookup","queue_endpoint":"/api/tools/whois_dns/queue","required_capabilities":["whois","dig"]},{"id":"semgrep","name":"Static Code Security Scan","queue_endpoint":"/api/tools/semgrep/queue","required_capabilities":["semgrep"]},{"id":"trivy","name":"Vulnerability & Dependency Scan","queue_endpoint":"/api/tools/trivy/queue","required_capabilities":["trivy"]},{"id":"gitleaks","name":"Secret Detection","queue_endpoint":"/api/tools/gitleaks/queue","required_capabilities":["gitleaks"]},{"id":"bandit","name":"Python Security Scan","queue_endpoint":"/api/tools/bandit/queue","required_capabilities":["bandit"]},{"id":"checkov","name":"IaC & Cloud Config Scan","queue_endpoint":"/api/tools/checkov/queue","required_capabilities":["checkov"]}],"safe_without_mac":[{"access_endpoint":"/api/tools/asset_inventory/access","id":"asset_inventory","name":"Asset Inventory"},{"access_endpoint":"/api/tools/network_baseline/access","id":"network_baseline","name":"Network Baseline"},{"access_endpoint":"/api/tools/ai_analysis/access","id":"ai_analysis","name":"AI Analysis"}],"security_boundary":"Cloud fallback is an access and coordination mode. It does not execute lab-only tools. Queued jobs must be reviewed and run from an approved local lab node.","status":"active","timestamp":"2026-07-09T21:15:10.647921+00:00"}
