pentestagent/PR_BODY.txt


Summary:
Fixes runtime and UX bugs that prevented tool execution and caused inconsistent target selection in the TUI. Improves robustness across Textual versions and makes the target visible and authoritative to the LLM.
What was broken:
- TypeError when scheduling Textual workers: asyncio.create_task was given a Textual Worker (not a coroutine).
- LLM-generated flags-only terminal commands (e.g. -p 1-1024 ...) were passed to /bin/sh and caused '/bin/sh: Illegal option -'.
- Active workspace scope checks blocked scans when the target was not in the workspace, while stale/manual targets could persist in conversation and be used by the LLM.
- UI errors on some Textual versions from calling unsupported APIs (e.g. ScrollableContainer.mount_before), and duplicated in-chat target messages cluttered the chat.
What I changed (key files):
- pentestagent/interface/tui.py
  - Stop wrapping @work-decorated methods with asyncio.create_task; use the returned Worker correctly.
  - Ensure workspace activation/deactivation behavior: clear TUI/agent target on /workspace clear; restore last_target on activation.
  - When operator sets a manual target (/target), append a short system AgentMessage so the LLM sees the change; track manual target and remove/supersede it when a workspace restores its saved target.
  - Add a persistent header widget to display runtime/mode/target and remove duplicate in-chat target lines.
  - Guard mount_before calls with a try/fallback to mount to support Textual versions without mount_before.
- pentestagent/agents/base_agent.py
  - If a requested tool name is not found, fall back to the terminal tool and construct a best-effort command string from function-call arguments so semantic tool names (e.g., nmap) execute.
  - Preserve workspace-scope validation but return explicit errors that instruct the operator how to proceed.
- pentestagent/tools/terminal/__init__.py
  - Detect flags-only command strings and prefix them with a likely binary (nmap, gobuster, rustscan, masscan, curl, wget, etc.) using runtime-detected tools, preventing shell option errors.
  - Make terminal execution tolerant to malformed inputs and avoid uncaught exceptions.
Rationale:
Textual workers are Worker objects; scheduling them as coroutines caused runtime errors. Handling Worker objects correctly preserves Textual semantics. LLMs sometimes emit partial or semantic commands; best-effort normalization reduces shell failures and improves task success. Explicit system messages and deterministic workspace restores ensure the LLM uses the intended target. A persistent header provides immediate operator context and avoids losing the active target when the chat scrolls.
Testing performed:
- Reproduced and fixed the Worker scheduling TypeError.
- Verified flags-only commands are now prefixed (nmap test) and no longer produce '/bin/sh: Illegal option -'.
- Walked through workspace/target flows to confirm authoritative target behavior.
- Confirmed mount_before fallback avoids AttributeError on older Textual versions.
Branch: changes pushed to giveen/bug-fix.
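
Added example, not code from this PR or the pentestagent project: one way to handle the flags-only command case described above, returning an argv list instead of a shell string. The function name, the `tool_hint` parameter and the choice to refuse rather than guess a binary when no hint is given are assumptions made for illustration; the address is a constructed documentation value.

```python
import shlex

# Binaries named in the PR text; how the project detects them at runtime
# is not shown on the page, so the caller passes the available set in.
KNOWN_TOOLS = ("nmap", "gobuster", "rustscan", "masscan", "curl", "wget")


def normalize_command(command, tool_hint=None, available=KNOWN_TOOLS):
    """Return (argv, error). argv is None when the input should not be run.

    tool_hint is hypothetical: the tool name the LLM asked for, if any.
    """
    if not isinstance(command, str) or not command.strip():
        return None, "empty or non-string command"
    try:
        # shlex applies POSIX quoting rules without invoking a shell.
        argv = shlex.split(command)
    except ValueError as exc:
        # Unbalanced quotes and similar malformed LLM output end up here
        # instead of surfacing as an uncaught exception.
        return None, f"malformed command: {exc}"
    if not argv[0].startswith("-"):
        return argv, None  # already names a program
    # Flags-only input: handing this to /bin/sh makes the shell read the
    # first token as its own option. Prefix only a binary that was both
    # requested and is known to be available.
    if tool_hint in available:
        return [tool_hint] + argv, None
    return None, "flags-only command and no usable tool hint"


if __name__ == "__main__":
    # Constructed sample inputs.
    for cmd, hint in [
        ("-p 1-1024 192.0.2.10", "nmap"),
        ("-p 1-1024 192.0.2.10", None),
        ('curl "unterminated', None),
    ]:
        print(repr(cmd), "->", normalize_command(cmd, hint))
```

The returned list can be passed to `subprocess.run(argv)` without `shell=True`, so the flags are never interpreted by `/bin/sh`.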