Skip to main content
Nuclei supports various environment variables that allow you to configure its behavior without command-line flags. This is particularly useful for automation, CI/CD pipelines, and containerized environments.

Core environment variables

Template signing

NUCLEI_SIGNATURE_PRIVATE_KEY
string
Private key used for signing templates. Required when using the -sign flag.
export NUCLEI_SIGNATURE_PRIVATE_KEY="path/to/private.key"
nuclei -sign -t templates/
NUCLEI_SIGNATURE_PUBLIC_KEY
string
Public key used for verifying template signatures.
export NUCLEI_SIGNATURE_PUBLIC_KEY="path/to/public.key"

Template locations

NUCLEI_TEMPLATES_PATH
string
Override the default templates directory location.
export NUCLEI_TEMPLATES_PATH="/custom/templates/path"

Authentication

GITHUB_TOKEN
string
GitHub personal access token for:
  • Downloading private templates from GitHub
  • Creating issues via GitHub integration
  • Avoiding rate limits
export GITHUB_TOKEN="ghp_xxxxxxxxxxxx"
GITLAB_TOKEN
string
GitLab personal access token for GitLab integrations.
export GITLAB_TOKEN="glpat-xxxxxxxxxxxx"
JIRA_API_TOKEN
string
Jira API token for issue tracking integration.
export JIRA_API_TOKEN="your-api-token"

Cloud integration

PDCP_API_KEY
string
ProjectDiscovery Cloud Platform API key for cloud integration.
export PDCP_API_KEY="pdcp_xxxxxxxxxxxx"
nuclei -target example.com -dashboard

AWS credentials

AWS_ACCESS_KEY_ID
string
AWS access key for S3 template storage and AWS-related templates.
AWS_SECRET_ACCESS_KEY
string
AWS secret access key.
AWS_REGION
string
AWS region for S3 operations. Defaults to us-east-1.

Azure credentials

AZURE_STORAGE_ACCOUNT
string
Azure storage account name for Azure Blob Storage templates.
AZURE_STORAGE_KEY
string
Azure storage account access key.

Debug and development

DEBUG
boolean
Enable debug output for troubleshooting.
export DEBUG=true
nuclei -target example.com
SHOW_DSL_ERRORS
boolean
Show DSL function execution errors in output.
export SHOW_DSL_ERRORS=true
DEBUG_TEMPLATES
string
Debug specific templates by path or ID.
export DEBUG_TEMPLATES="cves/2021/CVE-2021-44228.yaml"

Proxy configuration

HTTP_PROXY
string
HTTP proxy server for Nuclei requests.
export HTTP_PROXY="http://proxy.example.com:8080"
HTTPS_PROXY
string
HTTPS proxy server.
export HTTPS_PROXY="http://proxy.example.com:8443"
NO_PROXY
string
Comma-separated list of domains to bypass proxy.
export NO_PROXY="localhost,127.0.0.1,.internal.com"

Interactsh configuration

INTERACTSH_SERVER
string
Custom Interactsh server URL for OAST testing.
export INTERACTSH_SERVER="https://interactsh.example.com"
INTERACTSH_TOKEN
string
Authentication token for self-hosted Interactsh servers.
export INTERACTSH_TOKEN="your-token"

Output and reporting

MARKDOWN_EXPORT_SORT_MODE
string
Sort mode for Markdown exports. Options: template, severity, host.
export MARKDOWN_EXPORT_SORT_MODE="template"
nuclei -target example.com -markdown-export report/

CI/CD integration examples

GitHub Actions

name: Nuclei Scan
on: [push]

jobs:
  security-scan:
    runs-on: ubuntu-latest
    steps:
      - name: Run Nuclei
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PDCP_API_KEY: ${{ secrets.PDCP_API_KEY }}
        run: |
          nuclei -target ${{ github.event.repository.url }} \
            -json-export results.json \
            -dashboard

GitLab CI

security-scan:
  stage: test
  variables:
    GITLAB_TOKEN: $CI_JOB_TOKEN
    DEBUG: "true"
  script:
    - nuclei -target $CI_PROJECT_URL -json-export results.json
  artifacts:
    paths:
      - results.json

Docker

docker run \
  -e GITHUB_TOKEN="$GITHUB_TOKEN" \
  -e PDCP_API_KEY="$PDCP_API_KEY" \
  -v $(pwd)/results:/results \
  projectdiscovery/nuclei:latest \
  -target example.com \
  -json-export /results/output.json

Secrets management

Never commit credentials or API tokens to version control. Use your CI/CD platform’s secrets management or environment-specific .env files.

Using .env files locally

Create a .env file (add to .gitignore): 
# .env
GITHUB_TOKEN=ghp_xxxxxxxxxxxx
PDCP_API_KEY=pdcp_xxxxxxxxxxxx
JIRA_API_TOKEN=your-jira-token
Load it before running Nuclei: 
source .env
nuclei -target example.com

Using Docker secrets

# Create secrets
echo "your-token" | docker secret create github_token -

# Use in Docker Compose
services:
  nuclei:
    image: projectdiscovery/nuclei:latest
    secrets:
      - github_token
    environment:
      GITHUB_TOKEN: /run/secrets/github_token

Variable precedence

Configuration is applied in this order (later overrides earlier):
  1. Default values
  2. Configuration file (~/.config/nuclei/config.yaml)
  3. Environment variables
  4. Command-line flags
Environment variables are useful when you need different settings per environment (dev/staging/prod) without changing code.

Best practices

Store sensitive tokens in:
  • GitHub Secrets (GitHub Actions)
  • GitLab CI/CD Variables (GitLab CI)
  • Azure Key Vault (Azure Pipelines)
  • AWS Secrets Manager (AWS environments)
  • HashiCorp Vault (enterprise)
Set expiration dates on API tokens and rotate them periodically. Update your CI/CD secrets when rotating.
Grant tokens only the minimum permissions needed:
  • GitHub: repo scope for private templates
  • Jira: Issue creation only
  • Cloud platforms: Read-only for templates
Use different tokens for dev/staging/prod environments to limit blast radius of compromised credentials.

Troubleshooting

Check:
  1. Variable is properly exported: echo $VARIABLE_NAME
  2. No typos in variable names (they’re case-sensitive)
  3. Command-line flags don’t override the environment variable
  4. Restart shell session after setting variables
Verify:
  1. Token is valid and not expired
  2. Token has required permissions/scopes
  3. No extra whitespace in token value
  4. Token format is correct for the service
Debug with:
export DEBUG=true
nuclei -target example.com -debug-req
Check:
  1. Proxy URL format is correct
  2. Proxy is accessible from your environment
  3. NO_PROXY excludes internal domains if needed

Next steps

Reporting integrations

Set up Jira, Slack, and other integrations

Authentication

Configure authentication for private templates

Build docs developers (and LLMs) love

Get started for freeTalk to us