profile_id: request-smuggling-generic
match_rules:
  keywords:
    - request smuggling
    - http desync
vuln_family: request-smuggling
provisioning_mode: synthetic
artifact_source:
  strategy: synthetic-proxy-pair
required_services:
  - app
seed_actions:
  - kind: note
    message: Stand up isolated proxy/app pair only; do not forward to unrelated targets.
baseline_actions:
  - kind: http-get
    path: /
attack_actions:
  - kind: note
    message: Run minimal ambiguous request probes and capture both proxy and app logs.
browser_assertions:
  required: false
success_criteria:
  - Proxy and backend parse disagreement is captured in evidence.
cleanup_policy: destroy
destructive_risk: high
allowed_target_types:
  - lab-local
  - lab-public
  - authorized-third-party