AI Key Configuration
Configure your Claude API key to unlock full agentic orchestration, AI-written reports, and context-aware payload generation.
Prerequisites
- Anthropic account at console.anthropic.com
- API key starting with sk-ant-
- Sufficient API credits (Claude Sonnet usage ~$3–15 per full pentest engagement)
- Internet access from the PhantomYerra machine (not required in air-gapped mode)
1. Get Your Claude API Key
Log into console.anthropic.com. Navigate to API Keys → Create Key. Name it "PhantomYerra". Copy the key, which starts with sk-ant-api03-….
Warning: You only see the full key once. Copy it immediately and store it securely. If lost, create a new key.
2. Enter Key in PhantomYerra
Go to Settings → AI Configuration → Anthropic Claude. Paste your API key and click Save & Validate.
💡 The key is immediately encrypted with AES-256-GCM and stored at data/ai_keys.enc. It is never stored in plaintext or logged.
3. Validation Test
PhantomYerra sends a minimal test request to the Claude API to confirm the key is valid and has credits. You'll see:
    ✅ Claude API key validated
    Model  : claude-sonnet-4-20250514
    Status : Active
    Credits: Sufficient
4. Confirm AI Features Are Unlocked
On the Home Screen, the Automated AI Mode card should now show "AI Active" with a purple indicator. The AI orchestration toggle is available in the Mission Control Wizard.
What You Unlock with a Claude Key
- Full Automated AI Pentesting mode — Claude plans and executes the entire engagement
- Context-aware payload generation for XSS, SQLi, SSRF, and more
- Professional PoC narrative writing with business impact analysis
- Business logic vulnerability discovery via AI interview + testing
- Attack chain correlation — Claude links findings into attack paths
- Auto-remediation code generation (Terraform, Kubernetes, Python patches)
- AI-written executive reports with risk narrative
- Agentic scan orchestration — plans, adapts, and re-tests based on findings
Common Issues
Ensure you copied the full key including the sk-ant-api03- prefix. Check for leading/trailing spaces. Generate a new key from console.anthropic.com if the issue persists. Keys are invalidated if you regenerate them in the Anthropic console.
PhantomYerra detects credit exhaustion and shows a non-blocking notification. The current scan pauses the AI orchestration and continues with tool-based scanning (no AI features). Update your API key or add credits, then resume from Settings → AI Configuration → Resume Scan.
Run ollama list to see installed models. If empty, run ollama pull deepseek-r1:7b. Ensure Ollama service is running: ollama serve (or it starts automatically in most installations).
At data/ai_keys.enc — AES-256-GCM encrypted using a machine-specific key derived from the hardware fingerprint. The encryption key never leaves the machine. If you reinstall PhantomYerra on the same machine, the key can be decrypted. On a new machine, re-enter the API key.
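The storage behaviour described above (AES-256-GCM with a key bound to the machine) is illustrated below. This is an added example, not PhantomYerra's code: the fingerprint string, the HKDF-SHA256 derivation, the info label and the salt/nonce/ciphertext layout are assumptions, and the API key shown is a constructed placeholder.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// gcmFor derives an AES-256 key from the machine fingerprint with HKDF-SHA256
// (extract + one expand block; the KDF choice is an assumption) and returns a GCM AEAD.
func gcmFor(fingerprint string, salt []byte) cipher.AEAD {
	ext := hmac.New(sha256.New, salt)
	ext.Write([]byte(fingerprint))
	exp := hmac.New(sha256.New, ext.Sum(nil))
	exp.Write([]byte("api-key-store\x01")) // info || counter 0x01
	block, _ := aes.NewCipher(exp.Sum(nil)) // a 32-byte key never errors
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// Seal returns salt(16) || nonce(12) || ciphertext+tag (constructed layout).
func Seal(apiKey, fingerprint string) ([]byte, error) {
	buf := make([]byte, 28)
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	return gcmFor(fingerprint, buf[:16]).Seal(buf, buf[16:], []byte(apiKey), nil), nil
}

// Open fails GCM authentication if the fingerprint differs or the blob was altered.
func Open(blob []byte, fingerprint string) (string, error) {
	if len(blob) < 28+16 {
		return "", fmt.Errorf("blob too short: %d bytes", len(blob))
	}
	pt, err := gcmFor(fingerprint, blob[:16]).Open(nil, blob[16:28], blob[28:], nil)
	return string(pt), err
}

func main() {
	blob, _ := Seal("sk-ant-api03-EXAMPLE", "board=ABC123;disk=XYZ789") // constructed values
	_, err := Open(blob, "board=OTHER;disk=OTHER")
	fmt.Println("decrypt with another machine's fingerprint fails:", err != nil)
}
```

Because GCM is authenticated, a copied or edited key file fails to open instead of yielding a wrong key, which matches the need to re-enter the API key on a new machine.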