Follow-up for #5567 focused on secure, practical profile materialization.

Proposed Changes

  • sanitize profile metadata before goflags merge (ignore: id, name, purpose, description)
  • add inline secrets support from profile YAML:
    • secrets map/string is written to a temp secrets file
    • temp secrets file is appended to options.SecretsFile
  • improve inline list materialization:
    • supports multiline string and string-array forms
    • writes to temp target list file
  • add runtime cleanup registry for temp files created from profile materialization
  • add guardrails:
    • max template profile size limit
    • max inline targets size limit
    • max inline secrets size limit
  • preserve explicit CLI -l/--list and -sf/--secret-file precedence over profile values

Proof

go test ./cmd/nuclei -run 'TestSanitizeTemplateProfileForMerge|TestMaterializeInlineListTargets|TestMaterializeInlineSecretsFromProfile' -count=1
go test ./cmd/nuclei -run TestNonExistent -count=1

Checklist

  • PR created against dev
  • Tests added for new behavior
  • Proof commands included

/claim #5567

Summary by CodeRabbit

  • New Features

    • Materialize inline targets and secrets from template profiles into CLI options, while preserving any CLI-provided values.
  • Bug Fixes / Reliability

    • Register and run runtime cleanup for temporary artifacts on exit, errors, and interrupt (CTRL+C).
  • Chores

    • Sanitize sensitive profile fields and enforce size limits for profiles, inline targets, and inline secrets.
  • Tests

    • Added tests covering profile sanitization, inline targets/secrets materialization, and related error handling.
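
The inline-secrets flow listed under Proposed Changes (size guardrail, temp file, cleanup registry, CLI precedence), sketched here as an added example that is not the PR's or nuclei's own code. The names cleanupRegistry and materializeSecrets, the 1 MiB limit and the temp-file name pattern are assumptions.

```go
package main

import (
	"errors"
	"os"
	"sync"
)

const maxInlineSecretsSize = 1 << 20 // assumed limit; the PR states no value

// cleanupRegistry (hypothetical) tracks temp files for removal on exit, error or interrupt.
type cleanupRegistry struct {
	mu    sync.Mutex
	paths []string
}

func (r *cleanupRegistry) run() { // removes every registered file; a second call is a no-op
	r.mu.Lock()
	defer r.mu.Unlock()
	for _, p := range r.paths {
		_ = os.Remove(p)
	}
	r.paths = nil
}

// materializeSecrets writes inline secrets to a 0600 temp file; an explicit CLI path wins.
func materializeSecrets(inline, cliPath string, reg *cleanupRegistry) (string, error) {
	if cliPath != "" || inline == "" {
		return cliPath, nil
	}
	if len(inline) > maxInlineSecretsSize {
		return "", errors.New("inline secrets exceed size limit")
	}
	f, err := os.CreateTemp("", "profile-secrets-*.yaml")
	if err != nil {
		return "", err
	}
	defer f.Close()
	reg.mu.Lock() // register before the write so a failed write is still removed
	reg.paths = append(reg.paths, f.Name())
	reg.mu.Unlock()
	_, err = f.WriteString(inline)
	return f.Name(), err
}

func main() {
	reg := &cleanupRegistry{}
	defer reg.run()
	_, _ = materializeSecrets("static: []\n", "", reg) // constructed sample
}
```

The size check runs before anything touches disk, and the path is registered before the write, so an oversized profile leaves no file behind and a failed write is still cleaned up.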

Claim

  • Total prize pool: $152
  • Total paid: $0
  • Status: Pending
  • Submitted: February 21, 2026
  • Last updated: February 21, 2026

Contributors

  • dahu8194-gmail-com (@dahu8194-gmail-com): 100%

Sponsors

  • ProjectDiscovery (@projectdiscovery): $150
  • starmovie12 (@starmovie12): $2