AI0Day

Setup Guide

接入指南

Step-by-step instructions to integrate the AI0Day API. Trial keys give you 24 hours / 1,000 requests starting from your first call (keys are dormant until activated). Paid plan is $10K per key per month.

从 0 到接入 AI0Day 的完整指南。试用密钥有效期 24 小时 / 1,000 次请求,从首次调用开始计时(未使用前不消耗时间)。付费方案为每月 $10,000 / 密钥。

01Get a key获取密钥

Email contact@ai0day.com with your name, organization, and intended use case (red team / blue team / audit / research). We respond within 24 h with either a trial key or a paid invoice.

Keys look like sk-ai0day-<32 hex>. Store them in a password manager — they cannot be recovered if lost (we hash them).

发邮件到 contact@ai0day.com,注明姓名、组织、使用场景(红队 / 蓝队 / 审计 / 研究)。我们在 24 小时内回复,发给您试用密钥或付费方案的发票。

密钥格式为 sk-ai0day-<32 位十六进制>。请用密码管理器妥善保存 — 我们只存储 hash,密钥一旦丢失无法找回。

02Verify your key验证密钥

Run the curl below. A 200 response with a markdown body confirms the key works.

运行下面的 curl 命令。返回 200 + markdown 内容即表示密钥可用。

KEY="sk-ai0day-…paste-your-key…"
curl -s https://api.ai0day.com/v1/chat \
  -H "Authorization: Bearer $KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "messages": [{"role": "user", "content": "Detect APT41 lateral movement signatures."}],
    "mode": "apt_detection",
    "max_tokens": 600
  }'

The mode field selects the security retrieval pipeline. Valid values:

mode 字段选择对应的安全检索 pipeline。可选值:

modeUse for用途
apt_detectionThreat actors, MITRE ATT&CK, kill chains, lateral movement, C2威胁组织、MITRE ATT&CK、杀伤链、横向移动、C2 通信
reverse_analysisDisassembly, decompilation, packers, anti-debug, malware family反汇编、反编译、加壳、反调试、恶意软件家族
vuln_triageCVE analysis, CVSS, exploit conditions, kernel/userspace memory bugsCVE 分析、CVSS 评分、利用条件、内核/用户空间内存漏洞
web3_auditSolidity reentrancy, oracle manipulation, flash loans, MEVSolidity 重入、预言机操纵、闪电贷、MEV

Omit mode and the gateway will auto-detect from the query content.

如果不传 mode,gateway 会从问题内容自动判断。

03Use with Claude Code配置 Claude Code

Two environment variables redirect Claude Code to AI0Day. The model is auto-selected — you don't have to pick.

设置两个环境变量即可让 Claude Code 走 AI0Day。模型由 gateway 自动选择,无需手动指定。

# In ~/.zshrc or ~/.bashrc
export ANTHROPIC_BASE_URL="https://api.ai0day.com"
export ANTHROPIC_AUTH_TOKEN="sk-ai0day-…paste-your-key…"

# Restart shell, then:
claude --version
claude -p "Detect APT41 lateral movement in Linux."

# Or interactive:
claude
> Audit contracts/Vault.sol for reentrancy. Output severity + line refs.
Tip: 提示: Multi-turn history is preserved. Tool use (function calling) and token-by-token SSE streaming are on the roadmap. 多轮对话历史会保留。Function calling 与逐 token SSE 流式响应将在后续版本支持。

04Use with OpenAI SDK配置 OpenAI SDK

Works with the openai Python SDK, litellm, continue.dev, or any OpenAI-compatible client.

兼容 openai Python SDK / litellm / continue.dev 等 OpenAI 兼容客户端。

pip install openai

export OPENAI_BASE_URL="https://api.ai0day.com/v1"
export OPENAI_API_KEY="sk-ai0day-…"
from openai import OpenAI
cli = OpenAI()

# Auto-detect mode:
r = cli.chat.completions.create(
    model="ai0day",                   # any non-empty string
    messages=[{"role": "user", "content": "Triage CVE-2024-3400."}],
)
print(r.choices[0].message.content)

# Force a mode by suffix:
r = cli.chat.completions.create(
    model="ai0day-vuln_triage",
    messages=[...],
)

05Use with Anthropic SDK配置 Anthropic SDK

pip install anthropic
import os
from anthropic import Anthropic

cli = Anthropic(
    base_url="https://api.ai0day.com",
    api_key=os.environ["AI0DAY_KEY"],
)

resp = cli.messages.create(
    model="ai0day",
    max_tokens=1024,
    messages=[{"role": "user", "content": "Reverse engineer 0x55 0x48 0x89 0xe5."}],
)
print(resp.content[0].text)

06Limits & quotas限制与配额

  • Concurrency: 5 concurrent globally, 2 per key. Excess requests queue up to 60 s, then return HTTP 429 with Retry-After: 30.
  • Latency: P50 ~12 s, P95 ~30 s. Long-context queries (rag_k=8) ~14–22 s.
  • Context window: up to 16 K tokens.
  • Trial activation: keys are dormant until first use. The 24-hour window starts at your first successful call.
  • Trial quota: 1,000 requests in a rolling 24-hour window. Hitting it returns HTTP 429 quota_exceeded.
  • Streaming: stream: true currently emits one chunk; real token-by-token SSE is on the roadmap.
  • Tool use: not supported in this release. tools in the body is accepted but ignored.
  • 并发:全局最多 5 个并发,单密钥最多 2 个。超出会排队 ≤60 秒,之后返回 HTTP 429Retry-After: 30
  • 延迟:P50 约 12 秒,P95 约 30 秒。长上下文查询(rag_k=8)约 14–22 秒。
  • 上下文窗口:最多 16K tokens。
  • 试用激活:密钥发出后处于休眠状态,首次调用才开始计时。
  • 试用额度:滚动 24 小时窗口内 1,000 次请求。达到上限返回 HTTP 429 quota_exceeded
  • 流式响应:当前 stream: true 只发一个 chunk;真正的逐 token SSE 在 roadmap 上。
  • Function calling:本版本不支持。请求体里的 tools 字段会被忽略。

07Troubleshooting常见错误

Error错误Meaning含义Fix解决
HTTP 401 invalid_api_key Key not recognized 密钥无法识别 Check spelling, paste exact value 检查拼写,复制完整密钥
HTTP 401 key_expired Trial expired (24 h) 试用期已结束(24 小时) Request a paid key 联系我们升级付费方案
HTTP 429 concurrency_limit_user 2 in-flight already 单密钥已有 2 个进行中 Reduce parallelism to 1–2 把并发降到 1–2
HTTP 429 concurrency_limit_global All 5 global slots taken 全局 5 个并发已满 Retry in a few seconds 几秒后重试
HTTP 502 / 504 Backend overloaded or restarting 后端过载或正在重启 Retry with backoff 指数退避后重试

08Feedback反馈

Reply to whoever sent you the trial document, or email contact@ai0day.com with:

  • Which mode worked best for your workflow
  • Any output that was clearly wrong
  • Features you'd like (longer context, tool use, fine-tuning your data)

To continue using AI0Day after the trial, ask about the Monthly plan ($10K/month/key).

回复试用文档的发送者,或者邮件到 contact@ai0day.com,告诉我们:

  • 哪个 mode 对你的工作流最有用
  • 有哪些明显错误的输出
  • 希望的功能(更长上下文 / function calling / 用你的数据微调)

试用后想继续使用,请咨询 Monthly 方案($10K / 月 / 密钥)。