PR
feat: improve template profiles
projectdiscovery/nuclei#6811

Proposed changes

Fixes: #5567

Key features:

  • Metadata fields support: Profiles can include name, purpose, and description fields for documentation without triggering errors

  • Inline content: Targets can be defined directly inside profiles using YAML | syntax instead of requiring separate files

  • Embedded secrets: Authentication and other sensitive configuration can be included directly in the profile under a secrets key

  • CLI flag priority: Command-line flags always override profile values to keep existing workflows flexible

Proof

Also tested integration tests with a dummy enhanced profile YAML:

name: test-scan
purpose: Comprehensive security scan
description: Scans production infrastructure for CVEs
# Inline target list (no separate file needed)
list: |
  api.example.com
  app.example.com
# Embedded secrets (no separate file needed)
secrets:
  static:
    - type: header
      headers:
        - key: X-API-Key
          value: your-key-here
# Regular config
tags: [cve, exposure]
timeout: 30

nuclei -tp test-scan.yml

Checklist

  • Pull request is created against the dev branch
  • All checks passed (lint, unit/integration/regression tests etc.) with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)

/claim #5567

Summary by CodeRabbit

Release Notes

  • Refactor

    • Improved profile configuration loading and processing pipeline with enhanced handling of embedded secrets and target lists.
    • Refined temporary resource cleanup mechanisms to ensure proper cleanup after profile execution.
  • Tests

    • Added comprehensive profile configuration test suite.
  • Style

    • Code formatting and alignment adjustments.
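
The following Go sketch is an added example, not code from this PR or from nuclei. It shows one way inline profile content can be written to an owner-only temporary file and removed after the run, and how a CLI flag can take priority over a profile value. The `Profile` type and the `Materialize` and `ResolveTimeout` helpers are hypothetical names.

```go
package main

import (
	"fmt"
	"os"
)

// Profile holds already-parsed profile fields (hypothetical type, not nuclei's).
type Profile struct {
	List    string // inline targets from `list: |`
	Timeout int    // `timeout:` value
}

// Materialize writes inline content (targets, or a secrets block) to a temp
// file for code that expects a path. It returns the path and a cleanup func.
func Materialize(content, pattern string) (string, func() error, error) {
	f, err := os.CreateTemp("", pattern) // created with mode 0600: owner-only
	if err != nil {
		return "", nil, err
	}
	cleanup := func() error { return os.Remove(f.Name()) }
	if _, err := f.WriteString(content); err != nil {
		f.Close()
		cleanup() // do not leave a partial file behind
		return "", nil, err
	}
	if err := f.Close(); err != nil {
		cleanup()
		return "", nil, err
	}
	return f.Name(), cleanup, nil
}

// ResolveTimeout applies the precedence rule: a flag explicitly set on the
// command line wins; otherwise the profile value is used.
func ResolveTimeout(p Profile, cliValue int, cliSet bool) int {
	if cliSet {
		return cliValue
	}
	return p.Timeout
}

func main() {
	// Constructed sample values taken from the example profile above.
	p := Profile{List: "api.example.com\napp.example.com\n", Timeout: 30}
	path, cleanup, err := Materialize(p.List, "profile-targets-*.txt")
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	defer cleanup() // remove the temp file once the run is over
	fmt.Println("targets file:", path, "timeout:", ResolveTimeout(p, 10, true))
}
```

A profile that embeds a `secrets` block is itself a sensitive file and needs the same owner-only permissions as a standalone secrets file.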

Claim

Total prize pool $152
Total paid $0
Status Pending
Submitted February 03, 2026
Last updated February 03, 2026

Contributors

Areeb Ahmed

@areebahmeddd

100%

Sponsors

ProjectDiscovery

@projectdiscovery

$150
starmovie12

@starmovie12

$2