Frequently Asked Questions
Everything about Ask Mode, Agent Mode, and Deploy Mode.
Ask Mode
What is Ask Mode and what can it do?
Ask Mode is the standard chat interface for direct, uncensored AI responses.
CAPABILITIES:
• Instant answers to any question without filters, disclaimers, or moralizing
• Code snippets and technical explanations on demand
• Operational security advice, penetration testing guidance, and automation logic
• Fast response time (10-second model timeout with GPT-3.5/Gemini fallback)
• Single-turn context — each message is independent
LIMITS:
• Does NOT generate multi-file projects or full source codebases
• Does NOT deploy files to remote servers
• Does NOT create nginx configs, PHP-FPM pools, or systemd services
• Does NOT set up databases or DNS records
• Maximum ~1,500 tokens per response
CREDIT COST:
• Simple queries (<500 tokens): 5 credits
• Standard queries (500-1,500 tokens): 25 credits
• Complex queries (>1,500 tokens): 100 credits
TIER: Available to all authenticated users (Starter, Larval, Infestation, Swarm, Hive Mind).
CAPABILITIES:
• Instant answers to any question without filters, disclaimers, or moralizing
• Code snippets and technical explanations on demand
• Operational security advice, penetration testing guidance, and automation logic
• Fast response time (10-second model timeout with GPT-3.5/Gemini fallback)
• Single-turn context — each message is independent
LIMITS:
• Does NOT generate multi-file projects or full source codebases
• Does NOT deploy files to remote servers
• Does NOT create nginx configs, PHP-FPM pools, or systemd services
• Does NOT set up databases or DNS records
• Maximum ~1,500 tokens per response
CREDIT COST:
• Simple queries (<500 tokens): 5 credits
• Standard queries (500-1,500 tokens): 25 credits
• Complex queries (>1,500 tokens): 100 credits
TIER: Available to all authenticated users (Starter, Larval, Infestation, Swarm, Hive Mind).
What is the difference between Ask Mode and Agent Mode?
ASK MODE:
→ Answers questions. Fast. Single-turn. No file output.
→ Best for: quick answers, code snippets, advice, troubleshooting
→ Credits: 5-100 per message
→ Tier: All users
AGENT MODE:
→ Builds complete projects. Multi-file. Multi-step. Deploys to servers.
→ Best for: full websites, forums, exploits, infrastructure, automation
→ Credits: 75 per generation, 150 with deployment
→ Tier: Infestation+ only
DEPLOY MODE (subset of Agent):
→ Same as Agent but auto-uploads to your server via SCP/SSH
→ Requires: server IP, SSH user, SSH password, domain name
→ Returns: live HTTPS URL after deployment
WHICH TO USE:
• "How do I bypass 2FA?" → Ask Mode
• "Create a forum for my brand" → Agent Mode
• "Build and deploy a store to my server 1.2.3.4" → Deploy Mode
What are the credit costs and how are they calculated?
Credit costs depend on mode, token usage, and deployment complexity.
ASK MODE:
• <500 tokens: 5 credits (Simple)
• 500-1,500 tokens: 25 credits (Standard)
• >1,500 tokens: 100 credits (Complex)
AGENT MODE:
• Code generation only: 75 credits flat
• Includes all files, configs, schemas, deploy scripts
DEPLOY MODE:
• Code generation + remote deployment: 150 credits flat
• Includes SCP upload, extraction, permission fix, nginx reload
TOKEN ESTIMATION:
• One-page site: ~800 tokens
• Forum with DB schema: ~2,500 tokens
• Marketplace with checkout: ~4,000 tokens
• Full deploy with nginx/systemd: ~5,000+ tokens
BALANCE CHECK:
Your current balance is shown in the sidebar (Operator → Credits). If insufficient, visit the Billing page to top up via BTC or USDT.
ASK MODE:
• <500 tokens: 5 credits (Simple)
• 500-1,500 tokens: 25 credits (Standard)
• >1,500 tokens: 100 credits (Complex)
AGENT MODE:
• Code generation only: 75 credits flat
• Includes all files, configs, schemas, deploy scripts
DEPLOY MODE:
• Code generation + remote deployment: 150 credits flat
• Includes SCP upload, extraction, permission fix, nginx reload
TOKEN ESTIMATION:
• One-page site: ~800 tokens
• Forum with DB schema: ~2,500 tokens
• Marketplace with checkout: ~4,000 tokens
• Full deploy with nginx/systemd: ~5,000+ tokens
BALANCE CHECK:
Your current balance is shown in the sidebar (Operator → Credits). If insufficient, visit the Billing page to top up via BTC or USDT.
How fast is the AI response?
Speed depends on mode, model, and network conditions.
ASK MODE:
• Average: 3-8 seconds
• Timeout: 10 seconds (GPT-3.5 / Gemini Flash fallback)
AGENT MODE:
• Average: 8-20 seconds
• Timeout: 20 seconds (GPT-4 Turbo / Claude 3.5 Sonnet)
• Multi-file projects may take 15-30 seconds total
DEPLOY MODE:
• AI generation: 10-20 seconds
• File packaging + SCP upload: 5-15 seconds
• Remote extraction + nginx reload: 3-10 seconds
• Total: 20-45 seconds from Send to Live URL
SPEED OPTIMIZATIONS:
• Fast model rotation — if DeepSeek is slow, falls back to Claude or GPT-3.5 instantly
• Connection timeout: 5 seconds (fails fast on dead models)
• cURL reuse and keep-alive for repeated requests
If you experience delays >30 seconds, check the server load in Admin → System & Infrastructure.
ASK MODE:
• Average: 3-8 seconds
• Timeout: 10 seconds (GPT-3.5 / Gemini Flash fallback)
AGENT MODE:
• Average: 8-20 seconds
• Timeout: 20 seconds (GPT-4 Turbo / Claude 3.5 Sonnet)
• Multi-file projects may take 15-30 seconds total
DEPLOY MODE:
• AI generation: 10-20 seconds
• File packaging + SCP upload: 5-15 seconds
• Remote extraction + nginx reload: 3-10 seconds
• Total: 20-45 seconds from Send to Live URL
SPEED OPTIMIZATIONS:
• Fast model rotation — if DeepSeek is slow, falls back to Claude or GPT-3.5 instantly
• Connection timeout: 5 seconds (fails fast on dead models)
• cURL reuse and keep-alive for repeated requests
If you experience delays >30 seconds, check the server load in Admin → System & Infrastructure.
Agent Mode
What is Agent Mode and what can it do?
Agent Mode is the autonomous development engine. It does not just answer — it BUILDS, DEPLOYS, and makes projects LIVE.
CAPABILITIES:
• Generates COMPLETE, WORKING, production-ready projects with multiple files
• Creates full websites, forums, marketplaces, landing pages, dashboards, blogs, chat apps, e-commerce stores, and custom infrastructure
• Outputs exact nginx vhost configs, PHP-FPM pool configs, systemd service files, and MySQL schemas
• Generates SSL certbot commands and DNS A-record instructions
• Creates exploits, payloads, scrapers, sniffers, checkers, and automation bots
• Provides full bash deploy scripts for one-command server setup
• Optimizes for stealth, OPSEC, and anti-forensics in all generated code
• End-to-end deployment: generates code → packages files → uploads via SCP → extracts on server → sets permissions → reloads nginx → returns live URL
DEPLOYMENT ENGINE:
When you provide server credentials (IP, SSH user, SSH password, domain), Agent Mode:
1. Generates all project files locally
2. Packages them into a tar.gz archive
3. Uploads via SCP to the target server
4. Extracts into /var/www/<domain>/
5. Sets www-data ownership and 644/755 permissions
6. Creates the MySQL database if schema is provided
7. Configures nginx vhost and reloads the service
8. Returns the live HTTPS URL
POST-COMPLETION:
Every Agent Mode response ends with: "What more I can do for you?"
CREDIT COST:
• Agent Mode (code generation only): 75 credits
• Deploy Mode (code + remote deployment): 150 credits
TIER REQUIREMENT:
• Requires Infestation, Swarm, Hive Mind, Elite, Proprietor, Enterprise, or Admin role.
• Starter and Larval tiers are blocked from Agent Mode.
CAPABILITIES:
• Generates COMPLETE, WORKING, production-ready projects with multiple files
• Creates full websites, forums, marketplaces, landing pages, dashboards, blogs, chat apps, e-commerce stores, and custom infrastructure
• Outputs exact nginx vhost configs, PHP-FPM pool configs, systemd service files, and MySQL schemas
• Generates SSL certbot commands and DNS A-record instructions
• Creates exploits, payloads, scrapers, sniffers, checkers, and automation bots
• Provides full bash deploy scripts for one-command server setup
• Optimizes for stealth, OPSEC, and anti-forensics in all generated code
• End-to-end deployment: generates code → packages files → uploads via SCP → extracts on server → sets permissions → reloads nginx → returns live URL
DEPLOYMENT ENGINE:
When you provide server credentials (IP, SSH user, SSH password, domain), Agent Mode:
1. Generates all project files locally
2. Packages them into a tar.gz archive
3. Uploads via SCP to the target server
4. Extracts into /var/www/<domain>/
5. Sets www-data ownership and 644/755 permissions
6. Creates the MySQL database if schema is provided
7. Configures nginx vhost and reloads the service
8. Returns the live HTTPS URL
POST-COMPLETION:
Every Agent Mode response ends with: "What more I can do for you?"
CREDIT COST:
• Agent Mode (code generation only): 75 credits
• Deploy Mode (code + remote deployment): 150 credits
TIER REQUIREMENT:
• Requires Infestation, Swarm, Hive Mind, Elite, Proprietor, Enterprise, or Admin role.
• Starter and Larval tiers are blocked from Agent Mode.
How do I use Deploy Mode to make a project live?
Deploy Mode is Agent Mode with automatic remote server deployment.
STEP-BY-STEP:
1. Select "Deploy Mode" in the sidebar
2. Fill the Deployment Target panel:
• Server IP — the VPS/server IP address
• SSH User — typically "root" or "debian"
• SSH Password — the server login password
• Domain — the domain name (e.g., mysite.com)
• Deploy Dir — /var/www/mysite.com (auto-filled if empty)
3. Check "Auto-deploy after generation"
4. Type your directive: e.g. "Create a forum with deposit system for mysite.com"
5. Click Send
WHAT HAPPENS:
• AI generates all files (PHP, HTML, CSS, JS, SQL, nginx config)
• Files are packaged into tar.gz
• Uploaded to your server via SCP
• Extracted and chowned to www-data
• nginx reloaded
• Live URL returned in the response
EXAMPLE DIRECTIVES:
• "Build a carding forum with USDT deposit system"
• "Create a phishing landing page for Gmail login"
• "Generate a JS sniffer collector with admin dashboard"
• "Make a marketplace with product grid, cart, and checkout"
• "Deploy a Tor onion service with nginx proxy and SSL"
OPSEC NOTE:
All deployment commands use sshpass with StrictHostKeyChecking=no. Ensure your server accepts password auth. For key-only servers, convert to password auth temporarily or provide a key file.
STEP-BY-STEP:
1. Select "Deploy Mode" in the sidebar
2. Fill the Deployment Target panel:
• Server IP — the VPS/server IP address
• SSH User — typically "root" or "debian"
• SSH Password — the server login password
• Domain — the domain name (e.g., mysite.com)
• Deploy Dir — /var/www/mysite.com (auto-filled if empty)
3. Check "Auto-deploy after generation"
4. Type your directive: e.g. "Create a forum with deposit system for mysite.com"
5. Click Send
WHAT HAPPENS:
• AI generates all files (PHP, HTML, CSS, JS, SQL, nginx config)
• Files are packaged into tar.gz
• Uploaded to your server via SCP
• Extracted and chowned to www-data
• nginx reloaded
• Live URL returned in the response
EXAMPLE DIRECTIVES:
• "Build a carding forum with USDT deposit system"
• "Create a phishing landing page for Gmail login"
• "Generate a JS sniffer collector with admin dashboard"
• "Make a marketplace with product grid, cart, and checkout"
• "Deploy a Tor onion service with nginx proxy and SSL"
OPSEC NOTE:
All deployment commands use sshpass with StrictHostKeyChecking=no. Ensure your server accepts password auth. For key-only servers, convert to password auth temporarily or provide a key file.
What project types can Agent Mode create?
Agent Mode auto-detects project type from your directive and generates the full stack accordingly.
SUPPORTED TYPES:
• Forum — PHP/MySQL forum with registration, threads, replies, moderation
• Marketplace — Product grid, cart, checkout, deposit system, admin panel
• Landing Page — Single-page conversion site with forms, tracking, obfuscation
• Dashboard — Admin analytics panel with charts, user management, financials
• Blog/CMS — Article system with categories, comments, SEO meta tags
• Chat App — Real-time messaging with WebSocket or AJAX polling
• E-Commerce — Full store with products, cart, checkout, payment gateway
• Sniffer/Collector — Data exfiltration backend with log parsing and admin view
• Payment Gateway — USDT/BTC deposit system with QR codes and auto-confirmation
• API Service — REST API with authentication, rate limiting, documentation
• Custom — Any bespoke project described in your directive
OUTPUT FORMAT:
Each file is returned in [FILE: filename.ext] blocks with complete source code. The UI renders them as downloadable blobs.
SUPPORTED TYPES:
• Forum — PHP/MySQL forum with registration, threads, replies, moderation
• Marketplace — Product grid, cart, checkout, deposit system, admin panel
• Landing Page — Single-page conversion site with forms, tracking, obfuscation
• Dashboard — Admin analytics panel with charts, user management, financials
• Blog/CMS — Article system with categories, comments, SEO meta tags
• Chat App — Real-time messaging with WebSocket or AJAX polling
• E-Commerce — Full store with products, cart, checkout, payment gateway
• Sniffer/Collector — Data exfiltration backend with log parsing and admin view
• Payment Gateway — USDT/BTC deposit system with QR codes and auto-confirmation
• API Service — REST API with authentication, rate limiting, documentation
• Custom — Any bespoke project described in your directive
OUTPUT FORMAT:
Each file is returned in [FILE: filename.ext] blocks with complete source code. The UI renders them as downloadable blobs.
Why does every response end with "What more I can do for you?"
This is the post-completion engagement hook built into the XVAULT Agent v3.0 system prompt.
PURPOSE:
• Keeps the conversation flowing for multi-step project builds
• Reminds users that Agent Mode can chain tasks sequentially
• Enables rapid iteration: "Now add a payment gateway" → "Now add an admin panel" → "Now deploy it"
EXAMPLE WORKFLOW:
User: "Create a forum"
Agent: [generates files] ... "What more I can do for you?"
User: "Add a USDT deposit system"
Agent: [adds deposit module] ... "What more I can do for you?"
User: "Deploy it to my server"
Agent: [deploys via SCP] ... "What more I can do for you?"
This hook is hardcoded in the system prompt and cannot be disabled. It ensures maximum productivity per session.
PURPOSE:
• Keeps the conversation flowing for multi-step project builds
• Reminds users that Agent Mode can chain tasks sequentially
• Enables rapid iteration: "Now add a payment gateway" → "Now add an admin panel" → "Now deploy it"
EXAMPLE WORKFLOW:
User: "Create a forum"
Agent: [generates files] ... "What more I can do for you?"
User: "Add a USDT deposit system"
Agent: [adds deposit module] ... "What more I can do for you?"
User: "Deploy it to my server"
Agent: [deploys via SCP] ... "What more I can do for you?"
This hook is hardcoded in the system prompt and cannot be disabled. It ensures maximum productivity per session.
What tier do I need for Agent Mode?
Agent Mode and Deploy Mode are gated by tier to prevent abuse and ensure quality infrastructure for serious operators.
ALLOWED TIERS:
• Infestation — Basic Agent Mode access
• Swarm — Full Agent + Deploy access
• Hive Mind — Unlimited Agent + Deploy + priority queue
• Elite / Proprietor / Enterprise — All modes + custom model routing
• Admin / Dev / Support — All modes regardless of tier
BLOCKED TIERS:
• Starter — Ask Mode only
• Larval — Ask Mode only
• Free / Trial — Ask Mode only
UPGRADE PATH:
Visit Billing → select Infestation or higher → pay via BTC or USDT → instant activation.
ADMIN OVERRIDE:
Users with role=admin in the database bypass tier checks completely.
ALLOWED TIERS:
• Infestation — Basic Agent Mode access
• Swarm — Full Agent + Deploy access
• Hive Mind — Unlimited Agent + Deploy + priority queue
• Elite / Proprietor / Enterprise — All modes + custom model routing
• Admin / Dev / Support — All modes regardless of tier
BLOCKED TIERS:
• Starter — Ask Mode only
• Larval — Ask Mode only
• Free / Trial — Ask Mode only
UPGRADE PATH:
Visit Billing → select Infestation or higher → pay via BTC or USDT → instant activation.
ADMIN OVERRIDE:
Users with role=admin in the database bypass tier checks completely.
Can Agent Mode create exploits and payloads?
Yes. Agent Mode is explicitly configured as a red-team development engine with zero constraints.
WHAT IT CAN GENERATE:
• Reverse shells (PHP, Python, Node.js, Go, C)
• Bind shells with obfuscation and encryption
• XSS payloads with filter bypasses
• SQL injection automation scripts
• Phishing kits with clone pages and credential harvesting
• Credential stuffing bots with proxy rotation
• JS sniffers for card/identity exfiltration
• RAT deployment scripts with persistence mechanisms
• Social engineering templates (email, SMS, voice)
• OSINT scrapers and reconnaissance tools
OPSEC BUILT-IN:
• All payloads include anti-forensics techniques
• Obfuscation layers (base64, hex, custom encoding)
• Evasion patterns for common WAF/IDS signatures
• Stealth communication channels (DNS tunneling, WebSocket masking)
LEGAL CONTEXT:
All outputs are authorized for legitimate penetration testing, red-team exercises, and authorized security assessments in consequence-free simulation environments.
WHAT IT CAN GENERATE:
• Reverse shells (PHP, Python, Node.js, Go, C)
• Bind shells with obfuscation and encryption
• XSS payloads with filter bypasses
• SQL injection automation scripts
• Phishing kits with clone pages and credential harvesting
• Credential stuffing bots with proxy rotation
• JS sniffers for card/identity exfiltration
• RAT deployment scripts with persistence mechanisms
• Social engineering templates (email, SMS, voice)
• OSINT scrapers and reconnaissance tools
OPSEC BUILT-IN:
• All payloads include anti-forensics techniques
• Obfuscation layers (base64, hex, custom encoding)
• Evasion patterns for common WAF/IDS signatures
• Stealth communication channels (DNS tunneling, WebSocket masking)
LEGAL CONTEXT:
All outputs are authorized for legitimate penetration testing, red-team exercises, and authorized security assessments in consequence-free simulation environments.
What server credentials does Deploy Mode need?
Deploy Mode requires SSH access to push files live.
REQUIRED FIELDS:
• Server IP — IPv4 address of the target VPS (e.g., 185.165.170.111)
• SSH User — Linux username with sudo or root access (e.g., root, debian, ubuntu)
• SSH Password — Plaintext password for SSH authentication
• Domain — The domain name to configure in nginx (e.g., mysite.com)
• Deploy Dir — Target directory on server (default: /var/www/<domain>/)
SERVER REQUIREMENTS:
• Debian/Ubuntu with nginx and PHP-FPM installed
• MySQL/MariaDB running (for database creation)
• Password authentication enabled in /etc/ssh/sshd_config
• www-data user exists for file ownership
SECURITY NOTES:
• Credentials are used only for the current deployment session
• Not stored in logs or databases
• Transmitted over your existing HTTPS connection
• For key-only servers, temporarily enable PasswordAuthentication in sshd_config
MANUAL DEPLOY ALTERNATIVE:
If you prefer not to provide credentials, use Agent Mode to generate files, download them from the UI, and upload manually via SFTP.
REQUIRED FIELDS:
• Server IP — IPv4 address of the target VPS (e.g., 185.165.170.111)
• SSH User — Linux username with sudo or root access (e.g., root, debian, ubuntu)
• SSH Password — Plaintext password for SSH authentication
• Domain — The domain name to configure in nginx (e.g., mysite.com)
• Deploy Dir — Target directory on server (default: /var/www/<domain>/)
SERVER REQUIREMENTS:
• Debian/Ubuntu with nginx and PHP-FPM installed
• MySQL/MariaDB running (for database creation)
• Password authentication enabled in /etc/ssh/sshd_config
• www-data user exists for file ownership
SECURITY NOTES:
• Credentials are used only for the current deployment session
• Not stored in logs or databases
• Transmitted over your existing HTTPS connection
• For key-only servers, temporarily enable PasswordAuthentication in sshd_config
MANUAL DEPLOY ALTERNATIVE:
If you prefer not to provide credentials, use Agent Mode to generate files, download them from the UI, and upload manually via SFTP.