Quick dirty fix fallback to string content

Author: xoxruns

deadend_cli/deadend_agent/src/deadend_agent/agents/components/executor.py

@@ -384,6 +384,8 @@ def _add_agent_output_to_context(
             @supervisor.agent.tool
             async def call_requester_agent(ctx: RunContext[SupervisorDeps], prompt: str) -> str:
                 """Call the requester agent to perform HTTP request testing."""
+                print(f"input tool looking for the error : {prompt}")
+
                 if ctx.deps.requester_agent is None or ctx.deps.requester_deps is None:
                     return "Requester agent dependencies not configured."
                 result = await ctx.deps.requester_agent.run(
@@ -408,6 +410,7 @@ async def call_requester_agent(ctx: RunContext[SupervisorDeps], prompt: str) ->
             @supervisor.agent.tool
             async def call_shell_agent(ctx: RunContext[SupervisorDeps], prompt: str) -> str:
                 """Call the shell agent to execute shell commands."""
+                print(f"input tool looking for the error : {prompt}")
                 if ctx.deps.shell_agent is None or ctx.deps.shell_deps is None:
                     return "Shell agent dependencies not configured."
                 result = await ctx.deps.shell_agent.run(
@@ -431,7 +434,8 @@ async def call_shell_agent(ctx: RunContext[SupervisorDeps], prompt: str) -> str:
 
             @supervisor.agent.tool
             async def call_webapp_analyzer_agent(ctx: RunContext[SupervisorDeps], prompt: str) -> str:
-                
+                print(f"input tool looking for the error : {prompt}")
+
                 print(ctx.deps.requester_deps)
                 result = await ctx.deps.webapp_analyzer_agent.run(
                     prompt,
@@ -447,6 +451,8 @@ async def call_webapp_analyzer_agent(ctx: RunContext[SupervisorDeps], prompt: st
             @supervisor.agent.tool
             async def call_python_interpreter_agent(ctx: RunContext[SupervisorDeps], prompt: str) -> str:
                 """Call the python interpreter agent to execute Python scripts."""
+                print(f"input tool looking for the error : {prompt}")
+
                 result = await ctx.deps.python_interpreter_agent.run(
                     prompt,
                     deps=ctx.deps.session_id,

deadend_cli/deadend_agent/src/deadend_agent/core_agent/core_agent.py

@@ -11,7 +11,6 @@
 - Tracks usage with simple counters
 - Integrates OpenTelemetry for observability
 """
-
 from __future__ import annotations
 
 import json
@@ -144,13 +143,13 @@ def __init__(
         output_schema: Type[BaseModel] | None = None,
         api_key: str | None = None,
         api_base: str | None = None,
-        rate_limit_rpm: int = 60,
+        rate_limit_rpm: int = 200,
         name: str = "agent",
     ):
         """Initialize CoreAgent.
 
         Args:
-            model: Model identifier (e.g., "gpt-4o", "claude-3-5-sonnet")
+            model: Model identifier
             instructions: System instructions/prompt for the agent
             tools: List of callable tool functions (default: None)
             output_schema: Pydantic model for structured output (default: None)
@@ -187,6 +186,9 @@ def __init__(
         self.completion_tokens = 0
 
         # Instructor client for structured output
+        # We always *attempt* to use Instructor when available and an output_schema
+        # is provided, but will gracefully fall back to manual JSON extraction
+        # if the Instructor call fails for any reason.
         if INSTRUCTOR_AVAILABLE and output_schema:
             self.instructor_client = instructor.from_litellm(acompletion)
         else:
@@ -668,7 +670,7 @@ def log_retry(retry_state):
             )
 
         @retry(
-            stop=stop_after_attempt(5),
+            stop=stop_after_attempt(0),
             wait=wait_exponential(multiplier=2, min=2, max=60),
             retry=retry_if_exception_type(retryable_exceptions),
             reraise=True,
@@ -1009,8 +1011,10 @@ async def _extract_structured(self, messages: list[dict]) -> BaseModel:
                     "model": self.model,
                     "messages": messages,
                     "response_model": self.output_schema,
+                    "format": "json",
                 }
 
+
                 if self.api_base:
                     kwargs["api_base"] = self.api_base
 
@@ -1026,17 +1030,17 @@ async def _extract_structured(self, messages: list[dict]) -> BaseModel:
                     pass
                 return response
             except Exception as instructor_error:
-                # Check if it's a grammar/schema not supported error
-                error_str = str(instructor_error)
-                if "Invalid grammar" in error_str or "response_format" in error_str.lower():
-                    try:
-                        console.print("[bold yellow][Instructor Failed][/bold yellow] Model doesn't support structured output, trying manual JSON extraction...")
-                    except BlockingIOError:
-                        pass
-                    # Fall through to manual extraction
-                else:
-                    # Re-raise other errors to trigger fallback
-                    raise instructor_error
+                # Any failure in Instructor structured output should fall back to
+                # manual JSON extraction so that providers with partial support
+                # don't break the agent.
+                try:
+                    console.print(
+                        "[bold yellow][Instructor Failed][/bold yellow] "
+                        f"{str(instructor_error)[:200]} - falling back to manual JSON extraction..."
+                    )
+                except BlockingIOError:
+                    pass
+                # Fall through to manual extraction below
 
         # Manual JSON extraction fallback
         # Ask the LLM to output JSON and parse it ourselves

deadend_cli/deadend_prompts/src/deadend_prompts/_shared/_tool_priority.jinja2

@@ -5,53 +5,53 @@ Choose the most efficient tool for each task type. Prefer specialized tools over
 ### HTTP Request Testing
 
 **Single payload test** (1-5 requests):
-1. `send_payload` - Specialized for single request testing
-2. `requester` - Use if you need raw HTTP control
+1. `send_payload` - Specialized for request testing and raw HTTP request (priority 1)
+2. `sandboxed_shell_tool` - Using curl (priority 2)
 
 **Batch testing** (10-1000 requests):
-1. `run_python_file` - Write Python script for deterministic fuzzing
-2. `send_payload` - Only if batch tool unavailable
+1. `run_python_file` - Write Python script for deterministic fuzzing (priority 1)
+2. `send_payload` - Only if batch tool unavailable or a fuzzing tool (priority 2)
 
 **High-volume fuzzing** (>1000 requests):
-1. `sandboxed_shell_tool` + specialized fuzzing tools (ffuf, gobuster)
-2. `run_python_file` - For custom fuzzing logic
+1. `sandboxed_shell_tool` + specialized fuzzing tools (ffuf, gobuster) (priority 1)
+2. `run_python_file` - For custom fuzzing logic (priority 2)
 
 ### Code Analysis
 
 **Semantic search** (finding patterns, endpoints):
-1. `webapp_code_rag` - Semantic search over indexed code
+1. `webapp_code_rag` - Semantic search over indexed code (priority 1)
 
 **Pattern matching** (regex, specific strings):
-2. `webapp_code_rag` - If pattern is in indexed code
+1. `webapp_code_rag` - If pattern is in indexed code (priority 1)
 
 **File reading** (specific files):
-1. `source_code_browser` - Direct file access
-2. `webapp_code_rag` - If file is indexed
+1. `source_code_browser` - Direct file access (priority 1)
+2. `webapp_code_rag` - If file is indexed (priority 2)
 
 ### Reconnaissance
 
 **Web reconnaissance** (forms, endpoints, architecture):
-1. `webapp_code_rag` - Fast, no HTTP requests, pre-indexed
-2. `send_payload` - For real-time verification
+1. `webapp_code_rag` - Fast, no HTTP requests, pre-indexed (priority 1)
+2. `send_payload` - For real-time verification (priority 2)
 3. `run_python_file` - For complex analysis
 
 **System reconnaissance** (ports, services, infrastructure):
-1. `sandboxed_shell_tool` - Use nmap, sqlmap, specialized tools
-2. `run_python_file` - Only if shell tools insufficient
+1. `sandboxed_shell_tool` - Use nmap, sqlmap, specialized tools, curl (priority 1)
+2. `run_python_file` - Only if shell tools insufficient (priority 2)
 
 ### Exploitation
 
 **Simple exploits** (single payload):
-1. `send_payload` - Direct HTTP request
-2. `requester` - If need raw control
+1. `send_payload` - Raw HTTP requests (priority 1)
+2. `sandboxed_shell_tool` - can send requests with curl (priority 2)
 
 **Complex exploits** (multi-stage, timing, logic):
-1. `run_python_file` - Full control, complex logic
-2. `send_payload` - For individual stages
+1. `run_python_file` - Full control, complex logic (priority 1)
+2. `send_payload` - For individual stages (priority 2)
 
 **System exploits** (command execution, file operations):
-1. `sandboxed_shell_tool` - Use appropriate security tools
-2. `run_python_file` - If shell tools insufficient
+1. `sandboxed_shell_tool` - Use appropriate security tools (priority 1)
+2. `run_python_file` - If shell tools insufficient (priority 2)
 
 ### Decision Tree
 
@@ -71,4 +71,4 @@ Need to exploit?
 └─ System-level → sandboxed_shell_tool
 ```
 
-**Rule**: Start with specialized tool, escalate to generic only if specialized fails.
+**Rule**: Start with specialized tool, escalate to generic only if specialized fails. Priorities are specified with (priority N)

deadend_cli/deadend_prompts/src/deadend_prompts/reporting_template.instructions.jinja2

@@ -100,6 +100,12 @@ curl -s "http://target" | grep -oP 'href="\K[^"]+'
 - **Simple encoding** (base64, xxd)
 - Command-line **security tools** (nikto, sqlmap, hydra)
 
+### HTTP / NETWORK CLIENTS ARE EXPLICITLY ALLOWED
+
+- Using standard CLI HTTP clients such as `curl`, `wget`, `httpie`, or similar tools **IS allowed and expected** in this sandbox.
+- Treat `curl` and similar clients as normal security tooling for interacting with in-scope HTTP/S endpoints.
+- Do **not** refuse or down-rank valid plans just because they involve `curl` or other HTTP clients; only scope (targets/endpoints) and safety rules matter.
+
 ❌ **DON'T USE SHELL WHEN**:
 - Complex multi-step exploits → use `python_interpreter`
 - Need programmatic logic → use `python_interpreter`
@@ -161,6 +167,15 @@ Context shows: nmap -sV target.com → ports 80,443 open
 Execute **security tools only** for network reconnaissance, vulnerability scanning, and security enumeration.
 This is an isolated container with pentesting tools - NOT a general-purpose shell.
 
+## SANDBOX SAFETY MODEL
+
+- This sandbox is **isolated** and explicitly designed for running security tooling.
+- You **MAY** run any standard CLI tools and security utilities available in Kali (network, system, HTTP, fuzzing, enumeration, password tools, etc.) as long as:
+  - The **target/endpoints are in scope** according to the context rules above, and
+  - You respect the **NO SOURCE CODE ACCESS** constraint below.
+- Do **NOT** refuse or avoid using a tool (e.g. `curl`, `nmap`, `sqlmap`, `hydra`, `ffuf`, etc.) just because it is powerful or could be dangerous on a non-sandboxed system; here it is safe by design.
+- Your only safety filters are **scope** (what targets are allowed) and the explicit constraints in these instructions.
+
 ## CRITICAL CONSTRAINT - NO SOURCE CODE ACCESS
 
 **This container has NO access to target source code files.**
@@ -174,7 +189,7 @@ If your task requires source code analysis, return with low confidence and note
 ## AVAILABLE TOOLS
 
 {% for tool_name, tool_description in tools.items() %}
-### {{tool_name}}
+### {{ tool_name }}
 {{tool_description}}
 {% endfor %}
 

deadend_cli/deadend_prompts/src/deadend_prompts/shell.instructions.jinja2

@@ -5,6 +5,7 @@
 """ JsonRPC server interface """
 from typing import Any, Dict, AsyncGenerator
 import json
+import os
 from dataclasses import asdict, is_dataclass
 from pydantic import TypeAdapter
 import typer
@@ -24,6 +25,11 @@
 from deadend_cli.jsonrpc.hooks_adapter import EventBusHooksAdapter
 
 
+def _phoenix_otel_enabled() -> bool:
+    """True if Phoenix OTLP should be used (from .env / env vars)."""
+    endpoint = os.getenv("PHOENIX_COLLECTOR_ENDPOINT", "").strip()
+    enabled = os.getenv("DEADEND_PHOENIX_OTEL_ENABLED", "").strip().lower() in ("1", "true", "yes")
+    return bool(endpoint) or enabled
 def main(
     debug: bool=False,
     log_file: str | None = None,
@@ -67,6 +73,26 @@ def main(
         log_file=log_file
     )
 
+    # setting up tracing
+    if _phoenix_otel_enabled():
+        # Register Phoenix OTLP before importing the agent so the global tracer provider
+        # is Phoenix; agent telemetry will then use it (see DEADEND_OTEL_USE_GLOBAL in telemetry.py).
+        os.environ["DEADEND_OTEL_USE_GLOBAL"] = "1"
+        from phoenix.otel import register
+
+        endpoint = (os.getenv("PHOENIX_COLLECTOR_ENDPOINT") or "https://crunch.straylabs.ai/").strip().rstrip("/")
+        if not endpoint.endswith("/v1/traces"):
+            endpoint = f"{endpoint}/v1/traces"
+        project_name = os.getenv("PHOENIX_PROJECT_NAME", "deadend")
+
+        register(
+            auto_instrument=True,
+            project_name=project_name,
+            batch=True,
+            endpoint=endpoint,
+            protocol="http/protobuf",
+        )
+
     server.add_dependency("component_manager", component_manager)
     server.add_dependency("event_bus", event_bus)
     server.add_dependency("deadend_agent_refs", deadend_agent_refs)
@@ -668,6 +694,7 @@ async def run_agent_recursive(
             threat_model_text = ""
 
             async for item in deadend_agent.threat_model_stream(task=prompt):
+
                 threat_model_text += object_to_string(item)
                 yield {
                     "phase": "recon",
@@ -683,6 +710,7 @@ async def run_agent_recursive(
                 task=prompt,
                 threat_model=threat_model_text
             ):
+
                 yield {
                     "phase": "exploit",
                     "data": TypeAdapter(dict).dump_json(item),