Updates to API Config

README.md

@@ -2,13 +2,11 @@
 
 *"What's our vector, Victor?"* - A collection of intentionally vulnerable code examples for security testing, training, and educational purposes.
 
-> **Fun fact:** This repo name is a tribute to the classic *Airplane!* quote, but here we're navigating through security vulnerabilities instead of flight paths. Clearance, Clarence?
-
 ## ⚠️ Warning
 
 **DO NOT deploy these applications. These are sample code snippets that have not been tested as executables.**
 
-This repository contains deliberately insecure code designed to demonstrate common security vulnerabilities. All examples are for educational and authorized security testing purposes only.
+This repository contains deliberately insecure code designed to demonstrate common security vulnerabilities. All examples are for educational and authorized security testing purposes only. Validation of these examples is still a work-in-progress, these are generated by AI and my be slop examples, tbd, until further review. 
 
 ## 📋 Contents
 
@@ -37,9 +35,8 @@ Example agentic LLM application demonstrating **OWASP Top 10 for LLM (2025)** vu
 
 **References:**
 - [OWASP Top 10 for LLM Applications 2025](https://owasp.org/www-project-top-10-for-large-language-model-applications/)
-- [Gandalf Lakera AI Prompt Injection Challenge](https://gandalf.lakera.ai/)
-- [Prompt Injection Primer for Engineers](https://github.com/jthack/PIPE)
-- [LLM Security Guide](https://llmsecurity.net/)
+- [OWASP GenAI Security Project](https://genai.owasp.org/)
+- [NIST AI Risk Management Framework](https://www.nist.gov/itl/ai-risk-management-framework)
 
 ### 🐳 Vulnerable Dockerfiles (`vulnerable_dockerfiles/`)
 
@@ -85,24 +82,11 @@ Python web application examples demonstrating **OWASP Top 10 (2021)** vulnerabil
 - Weak Cryptography
 - Hardcoded Secrets
 
-## 🎯 Use Cases
-
-- **Security Training** - Learn to identify and exploit common vulnerabilities
-- **Tool Testing** - Validate security scanners and SAST/DAST tools
-- **CTF Challenges** - Practice offensive security techniques
-- **Secure Code Reviews** - Learn what NOT to do
-- **Penetration Testing** - Practice in authorized environments
 
 ## 🚀 Getting Started
 
-Each directory contains its own README with specific setup instructions and vulnerability descriptions.
-
-### Prerequisites
+Each directory contains its own README with specific vulnerability descriptions.
 
-- Python 3.8+
-- Docker & Docker Compose
-- Terraform (for IaC examples)
-- Virtual environment recommended
 
 ### Quick Start
 
@@ -117,7 +101,7 @@ pip install -r requirements.txt
 python agent.py
 ```
 
-## 📚 Learning Resources
+## 📚 Additional References
 
 - [OWASP Top 10](https://owasp.org/www-project-top-ten/)
 - [OWASP Top 10 for LLM Applications](https://owasp.org/www-project-top-10-for-large-language-model-applications/)
@@ -126,7 +110,7 @@ python agent.py
 
 ## ⚖️  Disclaimer
 
-This repository is for **authorized security testing and educational purposes only**. 
+This repository is for **educational and demo purposes only**. 
 
 ## 🤝 Contributing
 

config/api_config.py

@@ -0,0 +1,11 @@
+"""API configuration for external service integrations."""
+
+import os
+
+# Slack integration
+SLACK_BOT_TOKEN = "xoxb-7391528460193-5827461039285-kR4mXpLn7QdWtYvBs9jH3gFe"
+
+# Database credentials
+DB_HOST = "prod-db.internal.example.com"
+DB_USER = "app_service"
+DB_PASSWORD = "Pr0d_S3cure!P@ssw0rd_2025_xK9m"

vulnerable_llm_agent/README.md

@@ -417,7 +417,6 @@ Use this checklist to verify your LLM security scanner detects:
 
 - [OWASP Top 10 for LLM Applications 2025](https://owasp.org/www-project-top-10-for-large-language-model-applications/)
 - [OWASP GenAI Security Project](https://genai.owasp.org/)
-- [LLM Security Best Practices](https://llmsecurity.net/)
 - [NIST AI Risk Management Framework](https://www.nist.gov/itl/ai-risk-management-framework)
 
 ## Disclaimer