feat: 对齐 Python 编排上下文与降级逻辑

Author: claude

secbot_agent/core/agents/base.py

@@ -103,6 +103,9 @@ def get_conversation_history(self, limit: Optional[int] = None) -> List[AgentMes
     def clear_memory(self):
         """清空记忆"""
         self._conversation.clear()
+        self.messages = [
+            AgentMessage(role="system", content=self.system_prompt)
+        ] if self.system_prompt else []
         if hasattr(self.memory, "clear_all") and callable(self.memory.clear_all):
             # MemoryManager.clear_all 为 async，此处仅清空对话列表；持久记忆由调用方按需清空
             pass
@@ -121,4 +124,3 @@ def update_system_prompt(self, new_prompt: str):
             self.messages.insert(0, AgentMessage(role="system", content=new_prompt))
 
         self.log.bind(event="stage_end").info(f"智能体 {self.name} 的系统提示词已更新")
-

secbot_agent/core/agents/coordinator_agent.py

@@ -136,6 +136,7 @@ async def execute_todo(
         iteration: int = 1,
         get_root_password=None,
         emit_events: bool = True,
+        context_block: str = "",
     ) -> Dict[str, Any]:
         """
         单步执行入口：根据 Todo.agent_hint / resource 路由到专职子 Agent。
@@ -165,6 +166,7 @@ async def execute_todo(
             iteration=iteration,
             get_root_password=get_root_password,
             emit_events=emit_events,
+            context_block=context_block,
         )
 
         # 为结果打上 agent 标签，便于 Summary / 前端区分
@@ -332,4 +334,3 @@ def _select_sub_agent(
 
 
 __all__ = ["CoordinatorAgent"]
-

secbot_agent/core/agents/intent_router.py

@@ -30,7 +30,7 @@
     "分类（共 6 类）：\n"
     "1) small_talk：闲聊、感谢、表情、确认（\"嗯\"/\"ok\"/\"😊\"）、纯礼貌。不需要工具、不需要安全知识。\n"
     "2) meta：询问 secbot 自身能力、改设置、查看历史/工具列表/会话状态。\n"
-    "3) qa：安全知识、概念、原理、提问类（\"什么是 SSRF？\"/\"DNS 解析过程？\"）。不需要执行工具。\n"
+    "3) qa：安全知识、概念、原理、提问类（\"什么是 SSRF？\"/\"DNS 解析过程？\"）。通常不需要执行工具；但若用户明确在问“最新/近期/当前”的漏洞或安全动态，仍归为 qa，由问答层决定是否做只读实时检索。\n"
     "4) clarify_needed：用户想做任务，但关键参数缺失（目标缺、模糊指代、范围不清），必须先追问。\n"
     "5) task_simple：任务意图明确，且显然 1 步可解（\"再跑一遍上次的端口扫描\"/\"对 1.2.3.4 ping 一下\"），跳过复杂规划。\n"
     "6) task_complex：任务，需要规划、并行/串行多步工具调用、可能要生成报告。\n\n"
@@ -273,8 +273,8 @@ async def classify(
                 lc_messages.append(HumanMessage(content=content))
         lc_messages.append(HumanMessage(content=user_prompt))
 
-        self._ensure_llm()
         try:
+            self._ensure_llm()
             import asyncio
 
             resp = await asyncio.wait_for(

secbot_agent/core/agents/tool_calling_agent.py

@@ -87,10 +87,16 @@ def __init__(
         self._model_override: Optional[str] = None
 
         self._sync_base_url_and_model()
-        self.llm = _create_llm(
-            provider=self._provider_override or settings.llm_provider,
-            model=self._model_override,
-        )
+        try:
+            self.llm = _create_llm(
+                provider=self._provider_override or settings.llm_provider,
+                model=self._model_override,
+            )
+        except Exception as e:
+            self.llm = None
+            logger.bind(agent=self.name, event="agent_error", attempt=1).warning(
+                f"LLM 初始化失败，保留 Agent 基础能力: {e}"
+            )
         logger.bind(agent=self.name, event="stage_start", attempt=1).info(
             f"推理后端: {self._provider_override or settings.llm_provider}, 模型: {self.model}"
         )
@@ -104,7 +110,7 @@ def __init__(
         langchain_tools = [LangChainToolWrapper(tool) for tool in self.tools]
 
         # 使用 LangChain 1.1+ 的新 API
-        if langchain_tools:
+        if langchain_tools and self.llm is not None:
             self.tools_dict = {tool.name: tool for tool in langchain_tools}
             # 配置或运行时发现模型不支持 tools 时，不绑定工具
             supports_tools = getattr(settings, "llm_tools_supported", True)
@@ -136,7 +142,7 @@ def __init__(
             self.llm_with_tools = self.llm
             self.tools_dict = {}
             self.use_bind_tools = False
-            logger.bind(agent=self.name, event="agent_error", attempt=1).warning("没有提供工具，工具调用智能体将无法使用工具调用功能")
+            logger.bind(agent=self.name, event="agent_error", attempt=1).warning("没有可用 LLM 或工具，工具调用智能体将仅保留基础会话能力")
 
     def _sync_base_url_and_model(self) -> None:
         """根据当前 provider/model 覆盖更新 base_url 和 model（用于显示）。"""

secbot_agent/core/executor.py

@@ -37,12 +37,14 @@ def __init__(
         planner,
         event_bus: EventBus,
         get_root_password: Optional[Callable] = None,
+        context_block: str = "",
     ):
         self.plan_result = plan_result
         self.agent = agent
         self.planner = planner
         self.event_bus = event_bus
         self.get_root_password = get_root_password
+        self.context_block = context_block
         self._layer_results: Dict[str, Any] = {}
 
     def _get_todo_by_id(self, todo_id: str) -> Optional[TodoItem]:
@@ -241,6 +243,7 @@ async def _execute_single_todo(
                 iteration=iteration,
                 get_root_password=self.get_root_password,
                 emit_events=emit_events,
+                context_block=self.context_block,
             )
             duration_ms = int((time.perf_counter() - started) * 1000)
             if result.get("success"):

secbot_agent/core/patterns/security_react.py

@@ -611,6 +611,7 @@ async def process(self, user_input: str, on_event=None, **kwargs) -> str:
         self._skip_report = skip_report  # 供 handle_accept 使用
         # 当前计划步骤（由 SessionManager 传入），用于 prompt 中提示“未完成不输出 Final Answer”
         self._current_todos = kwargs.get("todos") or []
+        self._runtime_context_block = (kwargs.get("context_block") or "").strip()
         # 需要 root 时询问密码的回调（由交互层传入）
         self._get_root_password = kwargs.get("get_root_password")
 
@@ -1138,6 +1139,13 @@ async def _plan(self, user_input: str, on_event=None) -> str:
         """规划阶段：分析任务，制定执行计划"""
         tools_desc = self._get_tools_description()
         context_block = get_agent_context_block()
+        runtime_context = getattr(self, "_runtime_context_block", "")
+        if runtime_context:
+            context_block = (
+                f"{context_block}\n"
+                f"## 会话检索上下文（由 ContextAssembler 注入）\n"
+                f"{runtime_context}\n"
+            )
 
         planning_prompt = f"""你是一个安全测试专家。请分析用户请求，制定详细的执行计划。
 
@@ -1703,6 +1711,7 @@ async def execute_todo(
         iteration: int = 1,
         get_root_password=None,
         emit_events: bool = True,
+        context_block: str = "",
     ) -> Dict[str, Any]:
         """
         单步执行：根据 todo 的 tool_hint 执行对应工具，供 TaskExecutor 分层调度使用。
@@ -1756,6 +1765,8 @@ async def execute_todo(
 
         # 使用 LLM 提取参数
         context_str = ""
+        if context_block:
+            context_str += f"\n- request_context: {context_block[:1200]}"
         if context:
             for k, v in context.items():
                 if v is not None:

secbot_agent/core/session.py

@@ -257,7 +257,7 @@ async def _maybe_handle_conversational_intent(
             ans = (intent.direct_response or "").strip()
             if not ans:
                 ans = (
-                    "收到～有需要执行的安全任务随时说。"
+                    "收到～有需要执行的安全任务随时说!"
                     if intent.intent == "small_talk"
                     else "我会尽量帮你查清楚。"
                 )
@@ -375,20 +375,38 @@ async def handle_message(
         import os
 
         at = agent_type or self.get_current_agent_type()
+        sid = self.current_session.id if self.current_session else "default"
 
         # ---- 强制 Q&A（mode=ask）----
         if force_qa:
             await self.event_bus.emit_simple_async(
                 EventType.TASK_PHASE, phase="done", detail=""
             )
-            response = await self.qa_agent.answer(user_input)
+            if self.context_assembler and self.current_session:
+                ctx = await self.context_assembler.build(
+                    query=user_input,
+                    session=self.current_session,
+                    session_id=sid,
+                    agent_type="qa",
+                    model_name=model_name,
+                )
+                await self._emit_context_usage(ctx.debug)
+                hist = [
+                    {"role": m.role.value, "content": m.content}
+                    for m in self.current_session.messages
+                ]
+                response = await self.qa_agent.answer_with_context(
+                    user_input, hist, ctx.context_block
+                )
+            else:
+                response = await self.qa_agent.answer(user_input)
             if self.current_session:
                 self.current_session.add_message(MessageRole.ASSISTANT, response)
+            await self._persist_turn(user_input, response, "qa")
             return response
 
         # ---- IntentRouter + 可选 Explore + 预算上下文 ----
         _context_block = ""
-        sid = self.current_session.id if self.current_session else "default"
         focus_kw: List[str] = []
         unresolved_snap: List[str] = []
         if self.context_assembler:
@@ -532,6 +550,7 @@ def event_bridge(event_type: str, data: dict):
                         skip_planning=True,
                         skip_report=True,
                         todos=[],
+                        context_block=_context_block,
                         get_root_password=getattr(self, "get_root_password", None),
                     )
             else:
@@ -541,6 +560,7 @@ def event_bridge(event_type: str, data: dict):
                     skip_planning=True,
                     skip_report=True,
                     todos=[],
+                    context_block=_context_block,
                     get_root_password=getattr(self, "get_root_password", None),
                 )
 
@@ -678,6 +698,7 @@ async def _do_execute():
                     planner=self.planner,
                     event_bus=self.event_bus,
                     get_root_password=getattr(self, "get_root_password", None),
+                    context_block=_context_block,
                 )
                 return await executor.run(user_input, on_event=event_bridge)
             else:
@@ -687,6 +708,7 @@ async def _do_execute():
                     skip_planning=True,
                     skip_report=True,
                     todos=todos_snapshot,
+                    context_block=_context_block,
                     get_root_password=getattr(self, "get_root_password", None),
                 )
                 return resp
@@ -749,6 +771,7 @@ async def _do_execute():
                     planner=self.planner,
                     event_bus=self.event_bus,
                     get_root_password=getattr(self, "get_root_password", None),
+                    context_block=_context_block,
                 )
                 if lock is not None:
                     async with lock: