From 27b90d6ba77c3d61f627e35ce8dff075c48a52f5 Mon Sep 17 00:00:00 2001
From: ahmed <you@example.com>
Date: Sun, 28 Dec 2025 18:33:41 +0200
Subject: [PATCH 1/9]  feat(prompts): enhance Next.js framework module with
 reconnaissance techniques

  - Add route enumeration section with __BUILD_MANIFEST.sortedPages technique
  - Add environment variable leakage detection (NEXT_PUBLIC_ prefix)
  - Add data fetching over-exposure section for __NEXT_DATA__ inspection
  - Add API route path normalization bypass techniques
---
 strix/prompts/frameworks/nextjs.jinja | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/strix/prompts/frameworks/nextjs.jinja b/strix/prompts/frameworks/nextjs.jinja
index dc8179da..ddd2ce4c 100644
--- a/strix/prompts/frameworks/nextjs.jinja
+++ b/strix/prompts/frameworks/nextjs.jinja
@@ -31,6 +31,18 @@
 </high_value_targets>
 
 <advanced_techniques>
+<route_enumeration>
+- __BUILD_MANIFEST.sortedPages: Execute `console.log(__BUILD_MANIFEST.sortedPages.join('\n'))` in browser console to instantly reveal all registered routes (Pages Router and static App Router paths compiled at build time)
+- __NEXT_DATA__: Inspect `<script id="__NEXT_DATA__">` for serverside props, pageProps, buildId, and dynamic route params on current page; reveals data flow and prop structure
+- Source maps exposure: Check `/_next/static/` for exposed .map files revealing full route structure, server action IDs, API endpoints, and internal function names
+- Client bundle mining: Search main-*.js and page chunks for route definitions; grep for 'pathname:', 'href:', '__next_route__', 'serverActions', and API endpoint strings
+- Static chunk enumeration: Probe `/_next/static/chunks/pages/` and `/_next/static/chunks/app/` for build artifacts; filenames map directly to routes (e.g., `admin.js` → `/admin`)
+- Build manifest fetch: GET `/_next/static/<buildId>/_buildManifest.js` and `/_next/static/<buildId>/_ssgManifest.js` for complete route and static generation metadata
+- Sitemap/robots leakage: Check `/sitemap.xml`, `/robots.txt`, and `/sitemap-*.xml` for unintended exposure of admin/internal/preview paths
+- Server action discovery: Inspect Network tab for POST requests with `Next-Action` header; extract action IDs from response streams and client hydration data
+- Environment variable leakage: Execute `Object.keys(process.env).filter(k => k.startsWith('NEXT_PUBLIC_'))` in console to list public env vars; grep bundles for 'API_KEY', 'SECRET', 'TOKEN', 'PASSWORD' to find accidentally leaked credentials
+</route_enumeration>
+
 <middleware_bypass>
 - Test for CVE-class middleware bypass via `x-middleware-subrequest` crafting and `x-nextjs-data` probing. Look for 307 + `x-middleware-rewrite`/`x-nextjs-redirect` headers and attempt bypass on protected routes.
 - Attempt direct route access on Node vs Edge runtimes; confirm protection parity.
@@ -80,6 +92,14 @@
 - Identify `dangerouslySetInnerHTML`, Markdown renderers, and user-controlled href/src attributes. Validate CSP/Trusted Types coverage for SSR/CSR/hydration.
 - Attack hydration boundaries: server vs client render mismatches can enable gadget-based XSS.
 </client_and_dom>
+
+<data_fetching_over_exposure>
+- getServerSideProps/getStaticProps leakage: Execute `JSON.parse(document.getElementById('__NEXT_DATA__').textContent).props.pageProps` in console to inspect all server-fetched data; look for sensitive fields (emails, tokens, internal IDs, full user objects) passed to client but not rendered in UI
+- Over-fetched database queries: Check if pageProps include entire user records, relations, or admin-only fields when only username is displayed; common when using ORM select-all patterns
+- API response pass-through: Verify if API responses are sanitized before passing to props; developers often forward entire responses including metadata, cursors, or debug info
+- Environment-dependent data: Test if staging/dev accidentally exposes more fields in props than production due to inconsistent serialization logic
+- Nested object inspection: Drill into nested props objects; look for `_metadata`, `_internal`, `__typename` (GraphQL), or framework-added fields containing sensitive context
+</data_fetching_over_exposure>
 </advanced_techniques>
 
 <bypass_techniques>
@@ -87,6 +107,8 @@
 - Method override/tunneling: `_method`, `X-HTTP-Method-Override`, GET on endpoints unexpectedly accepting writes.
 - Case/param aliasing and query duplication affecting middleware vs handler parsing.
 - Cache key confusion at CDN/proxy (lack of Vary on auth cookies/headers) to leak personalized SSR/ISR content.
+- API route path normalization: Test `/api/users` vs `/api/users/` vs `/api//users` vs `/api/./users`; middleware may normalize differently than route handlers, allowing protection bypass. Try double slashes, trailing slashes, and dot segments.
+- Parameter pollution: Send duplicate query params (`?id=1&id=2`) or array notation (`?filter[]=a&filter[]=b`) to exploit parsing differences between middleware (which may check first value) and handler (which may use last or array).
 </bypass_techniques>
 
 <special_contexts>
@@ -107,6 +129,10 @@
 3. Demonstrate server action invocation outside UI with insufficient authorization checks.
 4. Show middleware bypass (where applicable) with explicit headers and resulting protected content.
 5. Include runtime parity checks (Edge vs Node) proving inconsistent enforcement.
+6. For route enumeration: verify discovered routes return 200/403 (deployed) not 404 (build artifacts); test with authenticated vs unauthenticated requests.
+7. For leaked credentials: test API keys with minimal read-only calls; filter placeholders (YOUR_API_KEY, demo-token); confirm keys match provider patterns (sk_live_*, pk_prod_*).
+8. For __NEXT_DATA__ over-exposure: test cross-user (User A's props should not contain User B's PII); verify exposed fields are not in DOM; validate token validity with API calls.
+9. For path normalization bypasses: show differential responses (403 vs 200 for path variants); redirects (307/308) don't count—only direct access bypasses matter.
 </validation>
 
 <pro_tips>

From 9c8212230418ade415f1fcbcbe8d2f2bc71ec0d6 Mon Sep 17 00:00:00 2001
From: ahmed <you@example.com>
Date: Thu, 1 Jan 2026 21:42:19 +0200
Subject: [PATCH 2/9] resume feature

---
 .gitignore                             |   2 +
 manual_checkpoint_test/checkpoint.json |  53 +++++++
 pyproject.toml                         |   2 +-
 strix/agents/base_agent.py             |  15 ++
 strix/interface/cli.py                 |  58 ++++++++
 strix/interface/main.py                |  10 ++
 strix/telemetry/checkpoint.py          | 186 +++++++++++++++++++++++++
 strix/telemetry/tracer.py              |  11 ++
 8 files changed, 336 insertions(+), 1 deletion(-)
 create mode 100644 manual_checkpoint_test/checkpoint.json
 create mode 100644 strix/telemetry/checkpoint.py

diff --git a/.gitignore b/.gitignore
index 94adf289..2f8bdc7e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -97,3 +97,5 @@ Thumbs.db
 schema.graphql
 
 .opencode/
+
+.claude/
diff --git a/manual_checkpoint_test/checkpoint.json b/manual_checkpoint_test/checkpoint.json
new file mode 100644
index 00000000..c16e4eeb
--- /dev/null
+++ b/manual_checkpoint_test/checkpoint.json
@@ -0,0 +1,53 @@
+{
+  "version": 1,
+  "created_at": "2026-01-01T03:34:40.485477+00:00",
+  "scan_config": {
+    "scan_id": "manual-test",
+    "targets": [
+      {
+        "type": "web_application",
+        "details": {
+          "target_url": "https://example.com"
+        },
+        "original": "https://example.com"
+      }
+    ],
+    "user_instructions": "Test instructions",
+    "run_name": "manual-test"
+  },
+  "agent_state": {
+    "agent_id": "agent_cca8332b",
+    "agent_name": "ManualTestAgent",
+    "parent_id": null,
+    "sandbox_id": null,
+    "sandbox_token": null,
+    "sandbox_info": null,
+    "task": "Manual checkpoint test",
+    "iteration": 25,
+    "max_iterations": 300,
+    "completed": false,
+    "stop_requested": false,
+    "waiting_for_input": false,
+    "llm_failed": false,
+    "waiting_start_time": null,
+    "final_result": null,
+    "max_iterations_warning_sent": false,
+    "messages": [
+      {
+        "role": "user",
+        "content": "Test message 1"
+      },
+      {
+        "role": "assistant",
+        "content": "Test response 1"
+      }
+    ],
+    "context": {},
+    "start_time": "2026-01-01T03:34:40.485430+00:00",
+    "last_updated": "2026-01-01T03:34:40.485470+00:00",
+    "actions_taken": [],
+    "observations": [],
+    "errors": []
+  },
+  "tracer_data": {}
+}
\ No newline at end of file
diff --git a/pyproject.toml b/pyproject.toml
index e76c21f1..73f9ef60 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -46,7 +46,7 @@ strix = "strix.interface.main:main"
 [tool.poetry.dependencies]
 python = "^3.12"
 # Core CLI dependencies
-litellm = { version = "~1.80.7", extras = ["proxy"] }
+litellm = ">=1.43.0"
 tenacity = "^9.0.0"
 pydantic = {extras = ["email"], version = "^2.11.3"}
 rich = "*"
diff --git a/strix/agents/base_agent.py b/strix/agents/base_agent.py
index 67aeb383..43f6e933 100644
--- a/strix/agents/base_agent.py
+++ b/strix/agents/base_agent.py
@@ -205,6 +205,21 @@ async def agent_loop(self, task: str) -> dict[str, Any]:  # noqa: PLR0912, PLR09
 
             try:
                 should_finish = await self._process_iteration(tracer)
+
+                # Save checkpoint after successful iteration
+                try:
+                    from strix.telemetry.checkpoint import save_checkpoint
+                    from strix.telemetry.tracer import get_global_tracer
+
+                    tracer_instance = get_global_tracer()
+                    if tracer_instance and hasattr(self, "state"):
+                        run_dir = tracer_instance.get_run_dir()
+                        scan_config = tracer_instance.scan_config or {}
+                        save_checkpoint(run_dir, self.state, scan_config)
+                except Exception:
+                    # Checkpoint save failure should not crash scan
+                    pass
+
                 if should_finish:
                     if self.non_interactive:
                         self.state.set_completed({"success": True})
diff --git a/strix/interface/cli.py b/strix/interface/cli.py
index 582f8116..0ab345c9 100644
--- a/strix/interface/cli.py
+++ b/strix/interface/cli.py
@@ -85,6 +85,64 @@ async def run_cli(args: Any) -> None:  # noqa: PLR0915
     if getattr(args, "local_sources", None):
         agent_config["local_sources"] = args.local_sources
 
+    # Check for resume from checkpoint
+    from pathlib import Path
+
+    from pydantic import ValidationError
+
+    from strix.agents.state import AgentState
+    from strix.telemetry.checkpoint import can_resume, load_checkpoint
+
+    resume_from_checkpoint = False
+    restored_state = None
+
+    if getattr(args, "resume", False):
+        run_dir = Path.cwd() / "strix_runs" / args.run_name
+
+        if run_dir.exists() and can_resume(run_dir, scan_config):
+            checkpoint = load_checkpoint(run_dir)
+
+            if checkpoint:
+                try:
+                    agent_state_data = checkpoint["agent_state"]
+                    restored_state = AgentState(**agent_state_data)
+                    resume_from_checkpoint = True
+
+                    console.print()
+                    resume_text = Text()
+                    resume_text.append("✓ ", style="bold green")
+                    resume_text.append("Resuming from checkpoint at iteration ", style="green")
+                    resume_text.append(
+                        f"{restored_state.iteration}/{restored_state.max_iterations}",
+                        style="bold green",
+                    )
+                    console.print(resume_text)
+                    console.print()
+
+                except ValidationError as e:
+                    warn_text = Text()
+                    warn_text.append("⚠ ", style="bold yellow")
+                    warn_text.append(
+                        f"Checkpoint validation failed: {e}. Starting fresh scan.", style="yellow"
+                    )
+                    console.print()
+                    console.print(warn_text)
+                    console.print()
+        elif getattr(args, "resume", False):
+            warn_text = Text()
+            warn_text.append("⚠ ", style="bold yellow")
+            warn_text.append(
+                "--resume flag provided but no valid checkpoint found. Starting fresh scan.",
+                style="yellow",
+            )
+            console.print()
+            console.print(warn_text)
+            console.print()
+
+    # Add restored state to agent config if resuming
+    if resume_from_checkpoint and restored_state:
+        agent_config["state"] = restored_state
+
     tracer = Tracer(args.run_name)
     tracer.set_scan_config(scan_config)
 
diff --git a/strix/interface/main.py b/strix/interface/main.py
index 1da6e54b..a6ad0c21 100644
--- a/strix/interface/main.py
+++ b/strix/interface/main.py
@@ -343,6 +343,16 @@ def parse_arguments() -> argparse.Namespace:
         ),
     )
 
+    parser.add_argument(
+        "--resume",
+        action="store_true",
+        help=(
+            "Resume an interrupted scan from checkpoint. "
+            "Requires --run-name to match the interrupted scan. "
+            "If no valid checkpoint is found, starts a fresh scan."
+        ),
+    )
+
     args = parser.parse_args()
 
     if args.instruction and args.instruction_file:
diff --git a/strix/telemetry/checkpoint.py b/strix/telemetry/checkpoint.py
new file mode 100644
index 00000000..d4466bfa
--- /dev/null
+++ b/strix/telemetry/checkpoint.py
@@ -0,0 +1,186 @@
+"""
+Checkpoint management for scan resumption.
+
+This module provides functionality to save and restore agent state,
+enabling scans to resume after interruption.
+"""
+
+import json
+import logging
+from datetime import UTC, datetime
+from pathlib import Path
+from typing import Any, Optional
+
+logger = logging.getLogger(__name__)
+
+# Checkpoint format version - increment when schema changes
+CHECKPOINT_VERSION = 1
+
+
+class CheckpointError(Exception):
+    """Raised when checkpoint operations fail."""
+
+    pass
+
+
+def get_checkpoint_path(run_dir: Path) -> Path:
+    """
+    Get path to checkpoint file for a run.
+
+    Args:
+        run_dir: Run directory (e.g., strix_runs/my-scan)
+
+    Returns:
+        Path to checkpoint.json
+    """
+    return run_dir / "checkpoint.json"
+
+
+def save_checkpoint(
+    run_dir: Path,
+    agent_state: Any,  # AgentState from state.py
+    scan_config: dict[str, Any],
+    tracer_data: Optional[dict[str, Any]] = None,
+) -> None:
+    """
+    Save checkpoint for resumption.
+
+    Args:
+        run_dir: Run directory
+        agent_state: Current AgentState instance
+        scan_config: Scan configuration dict
+        tracer_data: Optional tracer metadata
+
+    Note:
+        - Fails silently if save fails (logs error)
+        - Uses same error handling pattern as tracer.save_run_data()
+    """
+    try:
+        checkpoint_path = get_checkpoint_path(run_dir)
+
+        # Build checkpoint data
+        checkpoint = {
+            "version": CHECKPOINT_VERSION,
+            "created_at": datetime.now(UTC).isoformat(),
+            "scan_config": scan_config,
+            "agent_state": agent_state.model_dump(mode='json'),  # Pydantic serialization with JSON mode
+            "tracer_data": tracer_data or {},
+        }
+
+        # Write atomically: write to temp file, then rename
+        temp_path = checkpoint_path.with_suffix(".tmp")
+        with temp_path.open("w", encoding="utf-8") as f:
+            json.dump(checkpoint, f, indent=2)
+
+        # Atomic rename (overwrites existing checkpoint)
+        temp_path.replace(checkpoint_path)
+
+        logger.info(f"Saved checkpoint at iteration {agent_state.iteration}")
+
+    except (OSError, RuntimeError, TypeError, ValueError) as e:
+        # Match tracer.py error handling pattern
+        logger.exception(f"Failed to save checkpoint: {e}")
+
+
+def load_checkpoint(run_dir: Path) -> Optional[dict[str, Any]]:
+    """
+    Load checkpoint for resumption.
+
+    Args:
+        run_dir: Run directory
+
+    Returns:
+        Checkpoint dict if valid, None if missing/invalid
+
+    Note:
+        - Returns None on any error (graceful degradation)
+        - Validates checkpoint version and structure
+    """
+    try:
+        checkpoint_path = get_checkpoint_path(run_dir)
+
+        if not checkpoint_path.exists():
+            logger.debug(f"No checkpoint found at {checkpoint_path}")
+            return None
+
+        with checkpoint_path.open("r", encoding="utf-8") as f:
+            checkpoint = json.load(f)
+
+        # Validate version
+        version = checkpoint.get("version")
+        if version != CHECKPOINT_VERSION:
+            logger.warning(
+                f"Checkpoint version mismatch: expected {CHECKPOINT_VERSION}, "
+                f"got {version}. Cannot resume."
+            )
+            return None
+
+        # Validate required fields
+        required = ["scan_config", "agent_state"]
+        missing = [field for field in required if field not in checkpoint]
+        if missing:
+            logger.warning(f"Checkpoint missing fields: {missing}. Cannot resume.")
+            return None
+
+        logger.info("Loaded valid checkpoint")
+        return checkpoint
+
+    except (OSError, json.JSONDecodeError, KeyError, TypeError) as e:
+        logger.exception(f"Failed to load checkpoint: {e}")
+        return None
+
+
+def can_resume(run_dir: Path, current_scan_config: dict[str, Any]) -> bool:
+    """
+    Check if scan can be resumed from checkpoint.
+
+    Args:
+        run_dir: Run directory
+        current_scan_config: Configuration for current scan attempt
+
+    Returns:
+        True if checkpoint exists and is compatible
+    """
+    checkpoint = load_checkpoint(run_dir)
+    if not checkpoint:
+        return False
+
+    # Check if scan already completed
+    agent_state_data = checkpoint.get("agent_state", {})
+    if agent_state_data.get("completed", False):
+        logger.info("Checkpoint found but scan already completed")
+        return False
+
+    # Validate target compatibility (targets should match)
+    saved_config = checkpoint.get("scan_config", {})
+    saved_targets = saved_config.get("targets", [])
+    current_targets = current_scan_config.get("targets", [])
+
+    # Simple comparison: same number of targets
+    if len(saved_targets) != len(current_targets):
+        logger.warning(
+            f"Target mismatch: checkpoint has {len(saved_targets)} targets, "
+            f"current scan has {len(current_targets)}. Cannot resume."
+        )
+        return False
+
+    return True
+
+
+def delete_checkpoint(run_dir: Path) -> None:
+    """
+    Delete checkpoint file.
+
+    Args:
+        run_dir: Run directory
+
+    Note:
+        - Silently succeeds if checkpoint doesn't exist
+    """
+    try:
+        checkpoint_path = get_checkpoint_path(run_dir)
+        if checkpoint_path.exists():
+            checkpoint_path.unlink()
+            logger.info("Deleted checkpoint")
+    except OSError as e:
+        logger.warning(f"Failed to delete checkpoint: {e}")
diff --git a/strix/telemetry/tracer.py b/strix/telemetry/tracer.py
index 6da30d53..48a56120 100644
--- a/strix/telemetry/tracer.py
+++ b/strix/telemetry/tracer.py
@@ -208,6 +208,17 @@ def save_run_data(self, mark_complete: bool = False) -> None:
             if mark_complete:
                 self.end_time = datetime.now(UTC).isoformat()
 
+                # Only delete checkpoint if scan actually completed successfully
+                # (not just cleanup on exit/interrupt)
+                if self.scan_results and self.scan_results.get("scan_completed"):
+                    try:
+                        from strix.telemetry.checkpoint import delete_checkpoint
+
+                        delete_checkpoint(run_dir)
+                        logger.info("Deleted checkpoint after successful scan completion")
+                    except Exception:
+                        pass  # Checkpoint cleanup failure is not critical
+
             if self.final_scan_result:
                 penetration_test_report_file = run_dir / "penetration_test_report.md"
                 with penetration_test_report_file.open("w", encoding="utf-8") as f:

From cc618ba25ecf092b427d21d1f6abad7816d454f2 Mon Sep 17 00:00:00 2001
From: ahmed <you@example.com>
Date: Fri, 2 Jan 2026 00:43:07 +0200
Subject: [PATCH 3/9] update tui.py to support resmue

---
 strix/agents/base_agent.py    |  9 ++--
 strix/interface/cli.py        |  2 +-
 strix/interface/tui.py        | 78 ++++++++++++++++++++++++++++++++---
 strix/telemetry/checkpoint.py | 24 ++++++-----
 strix/telemetry/tracer.py     |  6 ++-
 5 files changed, 96 insertions(+), 23 deletions(-)

diff --git a/strix/agents/base_agent.py b/strix/agents/base_agent.py
index 43f6e933..53eded8e 100644
--- a/strix/agents/base_agent.py
+++ b/strix/agents/base_agent.py
@@ -216,9 +216,12 @@ async def agent_loop(self, task: str) -> dict[str, Any]:  # noqa: PLR0912, PLR09
                         run_dir = tracer_instance.get_run_dir()
                         scan_config = tracer_instance.scan_config or {}
                         save_checkpoint(run_dir, self.state, scan_config)
-                except Exception:
-                    # Checkpoint save failure should not crash scan
-                    pass
+                except Exception as exc:  # noqa: BLE001
+                    logger.debug(
+                        "Checkpoint save failed (non-fatal): %s",
+                        exc,
+                        exc_info=True,
+                    )
 
                 if should_finish:
                     if self.non_interactive:
diff --git a/strix/interface/cli.py b/strix/interface/cli.py
index 0ab345c9..81276700 100644
--- a/strix/interface/cli.py
+++ b/strix/interface/cli.py
@@ -17,7 +17,7 @@
 from .utils import build_final_stats_text, build_live_stats_text, get_severity_color
 
 
-async def run_cli(args: Any) -> None:  # noqa: PLR0915
+async def run_cli(args: Any) -> None:  # noqa: PLR0915, PLR0912
     console = Console()
 
     start_text = Text()
diff --git a/strix/interface/tui.py b/strix/interface/tui.py
index 69f0fc9d..b31c750e 100644
--- a/strix/interface/tui.py
+++ b/strix/interface/tui.py
@@ -81,12 +81,15 @@ class SplashScreen(Static):  # type: ignore[misc]
         " ╚══════╝   ╚═╝   ╚═╝  ╚═╝╚═╝╚═╝  ╚═╝"
     )
 
-    def __init__(self, *args: Any, **kwargs: Any) -> None:
+    def __init__(
+        self, *args: Any, resume_info: dict[str, Any] | None = None, **kwargs: Any
+    ) -> None:
         super().__init__(*args, **kwargs)
         self._animation_step = 0
         self._animation_timer: Timer | None = None
         self._panel_static: Static | None = None
         self._version = "dev"
+        self._resume_info = resume_info
 
     def compose(self) -> ComposeResult:
         self._version = get_package_version()
@@ -116,15 +119,22 @@ def _animate_start_line(self) -> None:
         self._panel_static.update(panel)
 
     def _build_panel(self, start_line: Text) -> Panel:
-        content = Group(
+        content_parts = [
             Align.center(Text(self.BANNER.strip("\n"), style=self.PRIMARY_GREEN, justify="center")),
             Align.center(Text(" ")),
             Align.center(self._build_welcome_text()),
             Align.center(self._build_version_text()),
             Align.center(self._build_tagline_text()),
-            Align.center(Text(" ")),
-            Align.center(start_line.copy()),
-        )
+        ]
+
+        if self._resume_info:
+            content_parts.append(Align.center(Text(" ")))
+            content_parts.append(Align.center(self._build_resume_text()))
+
+        content_parts.append(Align.center(Text(" ")))
+        content_parts.append(Align.center(start_line.copy()))
+
+        content = Group(*content_parts)
 
         return Panel.fit(content, border_style=self.PRIMARY_GREEN, padding=(1, 6))
 
@@ -140,6 +150,17 @@ def _build_version_text(self) -> Text:
     def _build_tagline_text(self) -> Text:
         return Text("Open-source AI hackers for your apps", style=Style(color="white", dim=True))
 
+    def _build_resume_text(self) -> Text:
+        if not self._resume_info:
+            return Text("")
+
+        text = Text("✓ Resuming from iteration ", style=Style(color="#fbbf24", bold=True))
+        text.append(
+            f"{self._resume_info['iteration']}/{self._resume_info['max_iterations']}",
+            style=Style(color=self.PRIMARY_GREEN, bold=True),
+        )
+        return text
+
     def _build_start_line_text(self, phase: int) -> Text:
         emphasize = phase % 2 == 1
         base_style = Style(color="white", dim=not emphasize, bold=emphasize)
@@ -280,6 +301,51 @@ def __init__(self, args: argparse.Namespace):
         self.scan_config = self._build_scan_config(args)
         self.agent_config = self._build_agent_config(args)
 
+        # Check for resume from checkpoint
+        from pathlib import Path
+
+        from pydantic import ValidationError
+
+        from strix.agents.state import AgentState
+        from strix.telemetry.checkpoint import can_resume, load_checkpoint
+
+        self.resume_info: dict[str, Any] | None = None
+
+        if getattr(args, "resume", False):
+            run_dir = Path.cwd() / "strix_runs" / args.run_name
+
+            if run_dir.exists() and can_resume(run_dir, self.scan_config):
+                checkpoint = load_checkpoint(run_dir)
+
+                if checkpoint:
+                    try:
+                        agent_state_data = checkpoint["agent_state"]
+                        restored_state = AgentState(**agent_state_data)
+                        self.agent_config["state"] = restored_state
+
+                        self.resume_info = {
+                            "iteration": restored_state.iteration,
+                            "max_iterations": restored_state.max_iterations,
+                        }
+
+                        import logging
+
+                        logging.info(
+                            f"Resuming from checkpoint at iteration "
+                            f"{restored_state.iteration}/{restored_state.max_iterations}"
+                        )
+
+                    except ValidationError as e:
+                        import logging
+
+                        logging.warning(f"Checkpoint validation failed: {e}. Starting fresh scan.")
+            elif getattr(args, "resume", False):
+                import logging
+
+                logging.warning(
+                    "--resume flag provided but no valid checkpoint found. Starting fresh scan."
+                )
+
         self.tracer = Tracer(self.scan_config["run_name"])
         self.tracer.set_scan_config(self.scan_config)
         set_global_tracer(self.tracer)
@@ -348,7 +414,7 @@ def signal_handler(_signum: int, _frame: Any) -> None:
 
     def compose(self) -> ComposeResult:
         if self.show_splash:
-            yield SplashScreen(id="splash_screen")
+            yield SplashScreen(id="splash_screen", resume_info=self.resume_info)
 
     def watch_show_splash(self, show_splash: bool) -> None:
         if not show_splash and self.is_mounted:
diff --git a/strix/telemetry/checkpoint.py b/strix/telemetry/checkpoint.py
index d4466bfa..a6b1e70c 100644
--- a/strix/telemetry/checkpoint.py
+++ b/strix/telemetry/checkpoint.py
@@ -9,7 +9,8 @@
 import logging
 from datetime import UTC, datetime
 from pathlib import Path
-from typing import Any, Optional
+from typing import Any
+
 
 logger = logging.getLogger(__name__)
 
@@ -20,8 +21,6 @@
 class CheckpointError(Exception):
     """Raised when checkpoint operations fail."""
 
-    pass
-
 
 def get_checkpoint_path(run_dir: Path) -> Path:
     """
@@ -40,7 +39,7 @@ def save_checkpoint(
     run_dir: Path,
     agent_state: Any,  # AgentState from state.py
     scan_config: dict[str, Any],
-    tracer_data: Optional[dict[str, Any]] = None,
+    tracer_data: dict[str, Any] | None = None,
 ) -> None:
     """
     Save checkpoint for resumption.
@@ -63,7 +62,9 @@ def save_checkpoint(
             "version": CHECKPOINT_VERSION,
             "created_at": datetime.now(UTC).isoformat(),
             "scan_config": scan_config,
-            "agent_state": agent_state.model_dump(mode='json'),  # Pydantic serialization with JSON mode
+            "agent_state": agent_state.model_dump(
+                mode="json"
+            ),  # Pydantic serialization with JSON mode
             "tracer_data": tracer_data or {},
         }
 
@@ -77,12 +78,12 @@ def save_checkpoint(
 
         logger.info(f"Saved checkpoint at iteration {agent_state.iteration}")
 
-    except (OSError, RuntimeError, TypeError, ValueError) as e:
+    except (OSError, RuntimeError, TypeError, ValueError):
         # Match tracer.py error handling pattern
-        logger.exception(f"Failed to save checkpoint: {e}")
+        logger.exception("Failed to save checkpoint")
 
 
-def load_checkpoint(run_dir: Path) -> Optional[dict[str, Any]]:
+def load_checkpoint(run_dir: Path) -> dict[str, Any] | None:
     """
     Load checkpoint for resumption.
 
@@ -123,11 +124,12 @@ def load_checkpoint(run_dir: Path) -> Optional[dict[str, Any]]:
             return None
 
         logger.info("Loaded valid checkpoint")
-        return checkpoint
 
-    except (OSError, json.JSONDecodeError, KeyError, TypeError) as e:
-        logger.exception(f"Failed to load checkpoint: {e}")
+    except (OSError, json.JSONDecodeError, KeyError, TypeError):
+        logger.exception("Failed to load checkpoint")
         return None
+    else:
+        return checkpoint
 
 
 def can_resume(run_dir: Path, current_scan_config: dict[str, Any]) -> bool:
diff --git a/strix/telemetry/tracer.py b/strix/telemetry/tracer.py
index 48a56120..1ce8a607 100644
--- a/strix/telemetry/tracer.py
+++ b/strix/telemetry/tracer.py
@@ -216,8 +216,10 @@ def save_run_data(self, mark_complete: bool = False) -> None:
 
                         delete_checkpoint(run_dir)
                         logger.info("Deleted checkpoint after successful scan completion")
-                    except Exception:
-                        pass  # Checkpoint cleanup failure is not critical
+                    except Exception:  # noqa: BLE001
+                        logger.debug(
+                            "Checkpoint cleanup failed (non-fatal)"
+                        )  # Checkpoint cleanup failure is not critical
 
             if self.final_scan_result:
                 penetration_test_report_file = run_dir / "penetration_test_report.md"

From 2e68cdfce7844db9c70c6cfde43bf1cc50d91590 Mon Sep 17 00:00:00 2001
From: ahmed <you@example.com>
Date: Fri, 2 Jan 2026 03:01:55 +0200
Subject: [PATCH 4/9] intialize next.js as main

---
 README.md                              | 16 +++++---
 manual_checkpoint_test/checkpoint.json | 53 --------------------------
 strix/prompts/frameworks/nextjs.jinja  | 28 +-------------
 3 files changed, 11 insertions(+), 86 deletions(-)
 delete mode 100644 manual_checkpoint_test/checkpoint.json

diff --git a/README.md b/README.md
index 12740cd2..2e79a7d2 100644
--- a/README.md
+++ b/README.md
@@ -21,7 +21,6 @@
 
 <a href="https://trendshift.io/repositories/15362" target="_blank"><img src="https://trendshift.io/api/badge/repositories/15362" alt="usestrix%2Fstrix | Trendshift" style="width: 250px; height: 55px;" width="250" height="55"/></a>
 
-
 [![Ask DeepWiki](https://deepwiki.com/badge.svg)](https://deepwiki.com/usestrix/strix)
 
 </div>
@@ -34,8 +33,7 @@
 
 <br>
 
-> [!TIP]
-> **New!** Strix now integrates seamlessly with GitHub Actions and CI/CD pipelines. Automatically scan for vulnerabilities on every pull request and block insecure code before it reaches production!
+> [!TIP] > **New!** Strix now integrates seamlessly with GitHub Actions and CI/CD pipelines. Automatically scan for vulnerabilities on every pull request and block insecure code before it reaches production!
 
 ---
 
@@ -51,7 +49,6 @@ Strix are autonomous AI agents that act just like real hackers - they run your c
 - 💻 **Developer‑first** CLI with actionable reports
 - 🔄 **Auto‑fix & reporting** to accelerate remediation
 
-
 ## 🎯 Use Cases
 
 - **Application Security Testing** - Detect and validate critical vulnerabilities in your applications
@@ -64,6 +61,7 @@ Strix are autonomous AI agents that act just like real hackers - they run your c
 ## 🚀 Quick Start
 
 **Prerequisites:**
+
 - Docker (running)
 - An LLM provider key (e.g. [get OpenAI API key](https://platform.openai.com/api-keys) or use a local LLM)
 
@@ -153,6 +151,12 @@ strix --target https://github.com/org/repo
 strix --target https://your-app.com
 ```
 
+# Resume an interrupted scan
+
+strix --target https://your-app.com --run-name my-scan --resume
+
+````
+
 ### Advanced Testing Scenarios
 
 ```bash
@@ -167,7 +171,7 @@ strix --target api.your-app.com --instruction "Focus on business logic flaws and
 
 # Provide detailed instructions through file (e.g., rules of engagement, scope, exclusions)
 strix --target api.your-app.com --instruction-file ./instruction.md
-```
+````
 
 ### 🤖 Headless Mode
 
@@ -228,11 +232,11 @@ Have questions? Found a bug? Want to contribute? **[Join our Discord!](https://d
 ## 🌟 Support the Project
 
 **Love Strix?** Give us a ⭐ on GitHub!
+
 ## 🙏 Acknowledgements
 
 Strix builds on the incredible work of open-source projects like [LiteLLM](https://github.com/BerriAI/litellm), [Caido](https://github.com/caido/caido), [ProjectDiscovery](https://github.com/projectdiscovery), [Playwright](https://github.com/microsoft/playwright), and [Textual](https://github.com/Textualize/textual). Huge thanks to their maintainers!
 
-
 > [!WARNING]
 > Only test apps you own or have permission to test. You are responsible for using Strix ethically and legally.
 
diff --git a/manual_checkpoint_test/checkpoint.json b/manual_checkpoint_test/checkpoint.json
deleted file mode 100644
index c16e4eeb..00000000
--- a/manual_checkpoint_test/checkpoint.json
+++ /dev/null
@@ -1,53 +0,0 @@
-{
-  "version": 1,
-  "created_at": "2026-01-01T03:34:40.485477+00:00",
-  "scan_config": {
-    "scan_id": "manual-test",
-    "targets": [
-      {
-        "type": "web_application",
-        "details": {
-          "target_url": "https://example.com"
-        },
-        "original": "https://example.com"
-      }
-    ],
-    "user_instructions": "Test instructions",
-    "run_name": "manual-test"
-  },
-  "agent_state": {
-    "agent_id": "agent_cca8332b",
-    "agent_name": "ManualTestAgent",
-    "parent_id": null,
-    "sandbox_id": null,
-    "sandbox_token": null,
-    "sandbox_info": null,
-    "task": "Manual checkpoint test",
-    "iteration": 25,
-    "max_iterations": 300,
-    "completed": false,
-    "stop_requested": false,
-    "waiting_for_input": false,
-    "llm_failed": false,
-    "waiting_start_time": null,
-    "final_result": null,
-    "max_iterations_warning_sent": false,
-    "messages": [
-      {
-        "role": "user",
-        "content": "Test message 1"
-      },
-      {
-        "role": "assistant",
-        "content": "Test response 1"
-      }
-    ],
-    "context": {},
-    "start_time": "2026-01-01T03:34:40.485430+00:00",
-    "last_updated": "2026-01-01T03:34:40.485470+00:00",
-    "actions_taken": [],
-    "observations": [],
-    "errors": []
-  },
-  "tracer_data": {}
-}
\ No newline at end of file
diff --git a/strix/prompts/frameworks/nextjs.jinja b/strix/prompts/frameworks/nextjs.jinja
index ddd2ce4c..84769223 100644
--- a/strix/prompts/frameworks/nextjs.jinja
+++ b/strix/prompts/frameworks/nextjs.jinja
@@ -31,18 +31,6 @@
 </high_value_targets>
 
 <advanced_techniques>
-<route_enumeration>
-- __BUILD_MANIFEST.sortedPages: Execute `console.log(__BUILD_MANIFEST.sortedPages.join('\n'))` in browser console to instantly reveal all registered routes (Pages Router and static App Router paths compiled at build time)
-- __NEXT_DATA__: Inspect `<script id="__NEXT_DATA__">` for serverside props, pageProps, buildId, and dynamic route params on current page; reveals data flow and prop structure
-- Source maps exposure: Check `/_next/static/` for exposed .map files revealing full route structure, server action IDs, API endpoints, and internal function names
-- Client bundle mining: Search main-*.js and page chunks for route definitions; grep for 'pathname:', 'href:', '__next_route__', 'serverActions', and API endpoint strings
-- Static chunk enumeration: Probe `/_next/static/chunks/pages/` and `/_next/static/chunks/app/` for build artifacts; filenames map directly to routes (e.g., `admin.js` → `/admin`)
-- Build manifest fetch: GET `/_next/static/<buildId>/_buildManifest.js` and `/_next/static/<buildId>/_ssgManifest.js` for complete route and static generation metadata
-- Sitemap/robots leakage: Check `/sitemap.xml`, `/robots.txt`, and `/sitemap-*.xml` for unintended exposure of admin/internal/preview paths
-- Server action discovery: Inspect Network tab for POST requests with `Next-Action` header; extract action IDs from response streams and client hydration data
-- Environment variable leakage: Execute `Object.keys(process.env).filter(k => k.startsWith('NEXT_PUBLIC_'))` in console to list public env vars; grep bundles for 'API_KEY', 'SECRET', 'TOKEN', 'PASSWORD' to find accidentally leaked credentials
-</route_enumeration>
-
 <middleware_bypass>
 - Test for CVE-class middleware bypass via `x-middleware-subrequest` crafting and `x-nextjs-data` probing. Look for 307 + `x-middleware-rewrite`/`x-nextjs-redirect` headers and attempt bypass on protected routes.
 - Attempt direct route access on Node vs Edge runtimes; confirm protection parity.
@@ -92,14 +80,6 @@
 - Identify `dangerouslySetInnerHTML`, Markdown renderers, and user-controlled href/src attributes. Validate CSP/Trusted Types coverage for SSR/CSR/hydration.
 - Attack hydration boundaries: server vs client render mismatches can enable gadget-based XSS.
 </client_and_dom>
-
-<data_fetching_over_exposure>
-- getServerSideProps/getStaticProps leakage: Execute `JSON.parse(document.getElementById('__NEXT_DATA__').textContent).props.pageProps` in console to inspect all server-fetched data; look for sensitive fields (emails, tokens, internal IDs, full user objects) passed to client but not rendered in UI
-- Over-fetched database queries: Check if pageProps include entire user records, relations, or admin-only fields when only username is displayed; common when using ORM select-all patterns
-- API response pass-through: Verify if API responses are sanitized before passing to props; developers often forward entire responses including metadata, cursors, or debug info
-- Environment-dependent data: Test if staging/dev accidentally exposes more fields in props than production due to inconsistent serialization logic
-- Nested object inspection: Drill into nested props objects; look for `_metadata`, `_internal`, `__typename` (GraphQL), or framework-added fields containing sensitive context
-</data_fetching_over_exposure>
 </advanced_techniques>
 
 <bypass_techniques>
@@ -107,8 +87,6 @@
 - Method override/tunneling: `_method`, `X-HTTP-Method-Override`, GET on endpoints unexpectedly accepting writes.
 - Case/param aliasing and query duplication affecting middleware vs handler parsing.
 - Cache key confusion at CDN/proxy (lack of Vary on auth cookies/headers) to leak personalized SSR/ISR content.
-- API route path normalization: Test `/api/users` vs `/api/users/` vs `/api//users` vs `/api/./users`; middleware may normalize differently than route handlers, allowing protection bypass. Try double slashes, trailing slashes, and dot segments.
-- Parameter pollution: Send duplicate query params (`?id=1&id=2`) or array notation (`?filter[]=a&filter[]=b`) to exploit parsing differences between middleware (which may check first value) and handler (which may use last or array).
 </bypass_techniques>
 
 <special_contexts>
@@ -129,10 +107,6 @@
 3. Demonstrate server action invocation outside UI with insufficient authorization checks.
 4. Show middleware bypass (where applicable) with explicit headers and resulting protected content.
 5. Include runtime parity checks (Edge vs Node) proving inconsistent enforcement.
-6. For route enumeration: verify discovered routes return 200/403 (deployed) not 404 (build artifacts); test with authenticated vs unauthenticated requests.
-7. For leaked credentials: test API keys with minimal read-only calls; filter placeholders (YOUR_API_KEY, demo-token); confirm keys match provider patterns (sk_live_*, pk_prod_*).
-8. For __NEXT_DATA__ over-exposure: test cross-user (User A's props should not contain User B's PII); verify exposed fields are not in DOM; validate token validity with API calls.
-9. For path normalization bypasses: show differential responses (403 vs 200 for path variants); redirects (307/308) don't count—only direct access bypasses matter.
 </validation>
 
 <pro_tips>
@@ -149,4 +123,4 @@
 </pro_tips>
 
 <remember>Next.js security breaks where identity, authorization, and caching diverge across routers, runtimes, and data paths. Bind subject, action, and object on every path, and key caches to identity and tenant explicitly.</remember>
-</nextjs_security_testing_guide>
+</nextjs_security_testing_guide>
\ No newline at end of file

From 2f2ca6883e36dbcb0afbc3fc6e34b2caba569648 Mon Sep 17 00:00:00 2001
From: ahmed <you@example.com>
Date: Fri, 2 Jan 2026 03:16:14 +0200
Subject: [PATCH 5/9]   docs: add resume feature example to README

---
 README.md                             | 12 ++++--------
 strix/prompts/frameworks/nextjs.jinja |  2 +-
 2 files changed, 5 insertions(+), 9 deletions(-)

diff --git a/README.md b/README.md
index 2e79a7d2..68150a9a 100644
--- a/README.md
+++ b/README.md
@@ -12,7 +12,6 @@
 
 [![Python](https://img.shields.io/pypi/pyversions/strix-agent?color=3776AB)](https://pypi.org/project/strix-agent/)
 [![PyPI](https://img.shields.io/pypi/v/strix-agent?color=10b981)](https://pypi.org/project/strix-agent/)
-![PyPI Downloads](https://static.pepy.tech/personalized-badge/strix-agent?period=total&units=INTERNATIONAL_SYSTEM&left_color=GREY&right_color=RED&left_text=Downloads)
 [![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](LICENSE)
 
 [![GitHub Stars](https://img.shields.io/github/stars/usestrix/strix)](https://github.com/usestrix/strix)
@@ -151,12 +150,6 @@ strix --target https://github.com/org/repo
 strix --target https://your-app.com
 ```
 
-# Resume an interrupted scan
-
-strix --target https://your-app.com --run-name my-scan --resume
-
-````
-
 ### Advanced Testing Scenarios
 
 ```bash
@@ -171,7 +164,10 @@ strix --target api.your-app.com --instruction "Focus on business logic flaws and
 
 # Provide detailed instructions through file (e.g., rules of engagement, scope, exclusions)
 strix --target api.your-app.com --instruction-file ./instruction.md
-````
+
+# Resume an interrupted scan
+strix --target https://your-app.com --run-name my-scan --resume
+```
 
 ### 🤖 Headless Mode
 
diff --git a/strix/prompts/frameworks/nextjs.jinja b/strix/prompts/frameworks/nextjs.jinja
index 84769223..dc8179da 100644
--- a/strix/prompts/frameworks/nextjs.jinja
+++ b/strix/prompts/frameworks/nextjs.jinja
@@ -123,4 +123,4 @@
 </pro_tips>
 
 <remember>Next.js security breaks where identity, authorization, and caching diverge across routers, runtimes, and data paths. Bind subject, action, and object on every path, and key caches to identity and tenant explicitly.</remember>
-</nextjs_security_testing_guide>
\ No newline at end of file
+</nextjs_security_testing_guide>

From be364d1cdee1bd3e10c9e4a94b8b6b5734741c16 Mon Sep 17 00:00:00 2001
From: ahmed <you@example.com>
Date: Fri, 2 Jan 2026 03:21:43 +0200
Subject: [PATCH 6/9]   docs: add resume feature example to README

---
 README.md | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index 68150a9a..466ce14f 100644
--- a/README.md
+++ b/README.md
@@ -20,6 +20,7 @@
 
 <a href="https://trendshift.io/repositories/15362" target="_blank"><img src="https://trendshift.io/api/badge/repositories/15362" alt="usestrix%2Fstrix | Trendshift" style="width: 250px; height: 55px;" width="250" height="55"/></a>
 
+
 [![Ask DeepWiki](https://deepwiki.com/badge.svg)](https://deepwiki.com/usestrix/strix)
 
 </div>
@@ -32,7 +33,8 @@
 
 <br>
 
-> [!TIP] > **New!** Strix now integrates seamlessly with GitHub Actions and CI/CD pipelines. Automatically scan for vulnerabilities on every pull request and block insecure code before it reaches production!
+> [!TIP]
+> **New!** Strix now integrates seamlessly with GitHub Actions and CI/CD pipelines. Automatically scan for vulnerabilities on every pull request and block insecure code before it reaches production!
 
 ---
 
@@ -48,6 +50,7 @@ Strix are autonomous AI agents that act just like real hackers - they run your c
 - 💻 **Developer‑first** CLI with actionable reports
 - 🔄 **Auto‑fix & reporting** to accelerate remediation
 
+
 ## 🎯 Use Cases
 
 - **Application Security Testing** - Detect and validate critical vulnerabilities in your applications
@@ -60,7 +63,6 @@ Strix are autonomous AI agents that act just like real hackers - they run your c
 ## 🚀 Quick Start
 
 **Prerequisites:**
-
 - Docker (running)
 - An LLM provider key (e.g. [get OpenAI API key](https://platform.openai.com/api-keys) or use a local LLM)
 
@@ -164,9 +166,6 @@ strix --target api.your-app.com --instruction "Focus on business logic flaws and
 
 # Provide detailed instructions through file (e.g., rules of engagement, scope, exclusions)
 strix --target api.your-app.com --instruction-file ./instruction.md
-
-# Resume an interrupted scan
-strix --target https://your-app.com --run-name my-scan --resume
 ```
 
 ### 🤖 Headless Mode
@@ -228,11 +227,11 @@ Have questions? Found a bug? Want to contribute? **[Join our Discord!](https://d
 ## 🌟 Support the Project
 
 **Love Strix?** Give us a ⭐ on GitHub!
-
 ## 🙏 Acknowledgements
 
 Strix builds on the incredible work of open-source projects like [LiteLLM](https://github.com/BerriAI/litellm), [Caido](https://github.com/caido/caido), [ProjectDiscovery](https://github.com/projectdiscovery), [Playwright](https://github.com/microsoft/playwright), and [Textual](https://github.com/Textualize/textual). Huge thanks to their maintainers!
 
+
 > [!WARNING]
 > Only test apps you own or have permission to test. You are responsible for using Strix ethically and legally.
 

From a9c0244ce04b5270f28e94e62174f4a8982094d3 Mon Sep 17 00:00:00 2001
From: ahmed <you@example.com>
Date: Fri, 2 Jan 2026 03:23:13 +0200
Subject: [PATCH 7/9]   docs: add resume feature example to README

---
 README.md | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index 466ce14f..68150a9a 100644
--- a/README.md
+++ b/README.md
@@ -20,7 +20,6 @@
 
 <a href="https://trendshift.io/repositories/15362" target="_blank"><img src="https://trendshift.io/api/badge/repositories/15362" alt="usestrix%2Fstrix | Trendshift" style="width: 250px; height: 55px;" width="250" height="55"/></a>
 
-
 [![Ask DeepWiki](https://deepwiki.com/badge.svg)](https://deepwiki.com/usestrix/strix)
 
 </div>
@@ -33,8 +32,7 @@
 
 <br>
 
-> [!TIP]
-> **New!** Strix now integrates seamlessly with GitHub Actions and CI/CD pipelines. Automatically scan for vulnerabilities on every pull request and block insecure code before it reaches production!
+> [!TIP] > **New!** Strix now integrates seamlessly with GitHub Actions and CI/CD pipelines. Automatically scan for vulnerabilities on every pull request and block insecure code before it reaches production!
 
 ---
 
@@ -50,7 +48,6 @@ Strix are autonomous AI agents that act just like real hackers - they run your c
 - 💻 **Developer‑first** CLI with actionable reports
 - 🔄 **Auto‑fix & reporting** to accelerate remediation
 
-
 ## 🎯 Use Cases
 
 - **Application Security Testing** - Detect and validate critical vulnerabilities in your applications
@@ -63,6 +60,7 @@ Strix are autonomous AI agents that act just like real hackers - they run your c
 ## 🚀 Quick Start
 
 **Prerequisites:**
+
 - Docker (running)
 - An LLM provider key (e.g. [get OpenAI API key](https://platform.openai.com/api-keys) or use a local LLM)
 
@@ -166,6 +164,9 @@ strix --target api.your-app.com --instruction "Focus on business logic flaws and
 
 # Provide detailed instructions through file (e.g., rules of engagement, scope, exclusions)
 strix --target api.your-app.com --instruction-file ./instruction.md
+
+# Resume an interrupted scan
+strix --target https://your-app.com --run-name my-scan --resume
 ```
 
 ### 🤖 Headless Mode
@@ -227,11 +228,11 @@ Have questions? Found a bug? Want to contribute? **[Join our Discord!](https://d
 ## 🌟 Support the Project
 
 **Love Strix?** Give us a ⭐ on GitHub!
+
 ## 🙏 Acknowledgements
 
 Strix builds on the incredible work of open-source projects like [LiteLLM](https://github.com/BerriAI/litellm), [Caido](https://github.com/caido/caido), [ProjectDiscovery](https://github.com/projectdiscovery), [Playwright](https://github.com/microsoft/playwright), and [Textual](https://github.com/Textualize/textual). Huge thanks to their maintainers!
 
-
 > [!WARNING]
 > Only test apps you own or have permission to test. You are responsible for using Strix ethically and legally.
 

From 58c4d8c3f01da54459e6ea1c6b9e2433e7e0b4d1 Mon Sep 17 00:00:00 2001
From: ahmed <you@example.com>
Date: Fri, 2 Jan 2026 03:25:52 +0200
Subject: [PATCH 8/9]   docs: add resume feature example to README

---
 pyproject.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pyproject.toml b/pyproject.toml
index 73f9ef60..e76c21f1 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -46,7 +46,7 @@ strix = "strix.interface.main:main"
 [tool.poetry.dependencies]
 python = "^3.12"
 # Core CLI dependencies
-litellm = ">=1.43.0"
+litellm = { version = "~1.80.7", extras = ["proxy"] }
 tenacity = "^9.0.0"
 pydantic = {extras = ["email"], version = "^2.11.3"}
 rich = "*"

From 5661510f31bd3d1b15140004cfad390889a231aa Mon Sep 17 00:00:00 2001
From: ahmed <you@example.com>
Date: Fri, 2 Jan 2026 03:32:50 +0200
Subject: [PATCH 9/9]   docs: add resume feature example to README

---
 README.md | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 68150a9a..94ce6fd8 100644
--- a/README.md
+++ b/README.md
@@ -20,6 +20,7 @@
 
 <a href="https://trendshift.io/repositories/15362" target="_blank"><img src="https://trendshift.io/api/badge/repositories/15362" alt="usestrix%2Fstrix | Trendshift" style="width: 250px; height: 55px;" width="250" height="55"/></a>
 
+
 [![Ask DeepWiki](https://deepwiki.com/badge.svg)](https://deepwiki.com/usestrix/strix)
 
 </div>
@@ -32,7 +33,8 @@
 
 <br>
 
-> [!TIP] > **New!** Strix now integrates seamlessly with GitHub Actions and CI/CD pipelines. Automatically scan for vulnerabilities on every pull request and block insecure code before it reaches production!
+> [!TIP]
+> **New!** Strix now integrates seamlessly with GitHub Actions and CI/CD pipelines. Automatically scan for vulnerabilities on every pull request and block insecure code before it reaches production!
 
 ---
 
@@ -48,6 +50,7 @@ Strix are autonomous AI agents that act just like real hackers - they run your c
 - 💻 **Developer‑first** CLI with actionable reports
 - 🔄 **Auto‑fix & reporting** to accelerate remediation
 
+
 ## 🎯 Use Cases
 
 - **Application Security Testing** - Detect and validate critical vulnerabilities in your applications
@@ -60,7 +63,6 @@ Strix are autonomous AI agents that act just like real hackers - they run your c
 ## 🚀 Quick Start
 
 **Prerequisites:**
-
 - Docker (running)
 - An LLM provider key (e.g. [get OpenAI API key](https://platform.openai.com/api-keys) or use a local LLM)
 
@@ -228,11 +230,11 @@ Have questions? Found a bug? Want to contribute? **[Join our Discord!](https://d
 ## 🌟 Support the Project
 
 **Love Strix?** Give us a ⭐ on GitHub!
-
 ## 🙏 Acknowledgements
 
 Strix builds on the incredible work of open-source projects like [LiteLLM](https://github.com/BerriAI/litellm), [Caido](https://github.com/caido/caido), [ProjectDiscovery](https://github.com/projectdiscovery), [Playwright](https://github.com/microsoft/playwright), and [Textual](https://github.com/Textualize/textual). Huge thanks to their maintainers!
 
+
 > [!WARNING]
 > Only test apps you own or have permission to test. You are responsible for using Strix ethically and legally.