[FEATURE] Integrate Secret File with SOPS

[dwisiswant0]

Describe your feature request

Support secret files encrypted with SOPS (Secrets Operations). Basically, the idea is to let users work with encrypted files directly, so stuff like API keys, credentials, and sensitive configs stay secure. Nuclei would handle the decryption part on the fly, making things way safer and easier to manage.

Describe the use case of the feature

• Encrypt any sensitive data, store it in repo, and never worry about exposing plaintext secrets.
• Just point Nuclei to a SOPS-encrypted file, and it handles the rest. No extra steps like decrypting manually.
• Makes it easier to follow security policies that require encryption while reducing the risk of leaks.

Describe alternatives you've considered

Store secrets as env vars. This is okay for small setups, but it gets messy with lots of secrets.

Ref:

• [FEATURE] Add Env variables to dynamic secret file variables #5834
• Add env helper function dsl#192

Additional context

SOPS is super handy for encrypting files and works with backends like GCP KMS, AWS KMS, Azure Key Vault, HashiCorp Vault, and even age.

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 7 days if no further activity occurs. Thank you for your contributions!

[github-actions]

This issue has been automatically closed due to inactivity. If you think this is a mistake or would like to continue the discussion, please comment or feel free to reopen it.