npm - @miller-tech/uap - Versions diffs - 1.20.12 → 1.20.14 - Mend

@miller-tech/uap 1.20.12 → 1.20.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/package.json +1 -1
package/tools/agents/scripts/anthropic_proxy.py +97 -6
package/tools/agents/tests/test_anthropic_proxy_streaming.py +201 -0

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@miller-tech/uap",
-  "version": "1.20.12",
+  "version": "1.20.14",
   "description": "Autonomous AI agent memory system with CLAUDE.md protocol enforcement",
   "type": "module",
   "main": "dist/index.js",

package/tools/agents/scripts/anthropic_proxy.py CHANGED Viewed

@@ -143,7 +143,7 @@ PROXY_TOOL_STATE_MIN_MESSAGES = int(
     os.environ.get("PROXY_TOOL_STATE_MIN_MESSAGES", "6")
 )
 PROXY_TOOL_STATE_FORCED_BUDGET = int(
-    os.environ.get("PROXY_TOOL_STATE_FORCED_BUDGET", "24")
+    os.environ.get("PROXY_TOOL_STATE_FORCED_BUDGET", "12")
 )
 PROXY_TOOL_STATE_AUTO_BUDGET = int(os.environ.get("PROXY_TOOL_STATE_AUTO_BUDGET", "2"))
 PROXY_TOOL_STATE_STAGNATION_THRESHOLD = int(
@@ -156,7 +156,7 @@ PROXY_TOOL_STATE_FINALIZE_THRESHOLD = int(
     os.environ.get("PROXY_TOOL_STATE_FINALIZE_THRESHOLD", "18")
 )
 PROXY_TOOL_STATE_REVIEW_CYCLE_LIMIT = int(
-    os.environ.get("PROXY_TOOL_STATE_REVIEW_CYCLE_LIMIT", "2")
+    os.environ.get("PROXY_TOOL_STATE_REVIEW_CYCLE_LIMIT", "1")
 )
 PROXY_CLIENT_RATE_WINDOW_SECS = int(
     os.environ.get("PROXY_CLIENT_RATE_WINDOW_SECS", "60")
@@ -219,7 +219,7 @@ PROXY_MALFORMED_TOOL_GUARDRAIL = os.environ.get(
     "no",
 }
 PROXY_MALFORMED_TOOL_RETRY_MAX = int(
-    os.environ.get("PROXY_MALFORMED_TOOL_RETRY_MAX", "2")
+    os.environ.get("PROXY_MALFORMED_TOOL_RETRY_MAX", "3")
 )
 PROXY_MALFORMED_TOOL_RETRY_MAX_TOKENS = int(
     os.environ.get("PROXY_MALFORMED_TOOL_RETRY_MAX_TOKENS", "2048")
@@ -628,6 +628,7 @@ class SessionMonitor:
     tool_state_transitions: int = 0
     tool_state_review_cycles: int = 0
     last_tool_fingerprint: str = ""
+    cycling_tool_names: list = field(default_factory=list)
     finalize_turn_active: bool = False
     completion_required: bool = False
     completion_pending: bool = False
@@ -832,6 +833,7 @@ class SessionMonitor:
         self.tool_state_auto_budget_remaining = 0
         self.tool_state_stagnation_streak = 0
         self.tool_state_review_cycles = 0
+        self.cycling_tool_names = []
         self.last_tool_fingerprint = ""
     def update_completion_state(self, anthropic_body: dict, has_tool_results: bool):
@@ -2053,12 +2055,17 @@ def _resolve_state_machine_tool_choice(
             monitor.tool_state_forced_budget_remaining = max(
                 1, PROXY_TOOL_STATE_FORCED_BUDGET // 2
             )
+            # Capture which tools are cycling for narrowing/hint injection
+            window = max(2, PROXY_TOOL_STATE_CYCLE_WINDOW)
+            recent = [fp for fp in monitor.tool_call_history[-window:] if fp]
+            monitor.cycling_tool_names = list(dict.fromkeys(recent))
             logger.warning(
-                "TOOL STATE MACHINE: entering review (cycle=%s repeat=%d stagnation=%d cycles=%d)",
+                "TOOL STATE MACHINE: entering review (cycle=%s repeat=%d stagnation=%d cycles=%d cycling_tools=%s)",
                 cycle_looping,
                 cycle_repeat,
                 monitor.tool_state_stagnation_streak,
                 monitor.tool_state_review_cycles,
+                monitor.cycling_tool_names,
             )
             return "required", reason
@@ -2349,6 +2356,49 @@ def build_openai_request(
             monitor.no_progress_streak = (
                 0 if last_user_has_tool_result else monitor.no_progress_streak + 1
             )
+            # Option 1: Inject cycle-break instruction when entering review
+            if (
+                monitor.tool_turn_phase == "review"
+                and state_reason in {"cycle_detected", "stagnation"}
+                and monitor.cycling_tool_names
+            ):
+                cycling_names = ", ".join(monitor.cycling_tool_names)
+                cycle_hint = (
+                    f"You have been repeatedly calling the same tool(s): {cycling_names}. "
+                    "This is not making progress. Use a DIFFERENT tool to advance the task, "
+                    "or call a tool that produces your final answer."
+                )
+                messages = openai_body.get("messages", [])
+                messages.append({"role": "user", "content": cycle_hint})
+                openai_body["messages"] = messages
+                logger.warning(
+                    "CYCLE BREAK: injected hint about cycling tools: %s",
+                    cycling_names,
+                )
+            # Option 2: Narrow tools during review to exclude cycling tools
+            if (
+                monitor.tool_turn_phase == "review"
+                and monitor.cycling_tool_names
+                and "tools" in openai_body
+            ):
+                original_count = len(openai_body["tools"])
+                narrowed = [
+                    t
+                    for t in openai_body["tools"]
+                    if t.get("function", {}).get("name") not in monitor.cycling_tool_names
+                ]
+                if narrowed:
+                    openai_body["tools"] = narrowed
+                    logger.warning(
+                        "CYCLE BREAK: narrowed tools from %d to %d (excluded %s)",
+                        original_count,
+                        len(narrowed),
+                        monitor.cycling_tool_names,
+                    )
+                else:
+                    logger.warning(
+                        "CYCLE BREAK: cannot narrow tools — all tools are cycling, keeping original set",
+                    )
             logger.info(
                 "tool_choice forced to 'required' by TOOL STATE MACHINE (phase=%s reason=%s forced_budget=%d)",
                 monitor.tool_turn_phase,
@@ -3840,6 +3890,40 @@ async def _apply_completion_contract_guardrail(
     return retried
+def _sanitize_assistant_messages_for_retry(messages: list[dict]) -> list[dict]:
+    """Strip malformed tool-like text from assistant messages to prevent copy-contamination.
+    Only sanitizes the last 4 assistant messages to avoid excessive processing.
+    """
+    import re
+    # Patterns that indicate malformed tool call text in assistant content
+    _TOOL_LIKE_PATTERNS = re.compile(
+        r"<tool_call>.*?</tool_call>"
+        r"|<function_call>.*?</function_call>"
+        r'|\{"name"\s*:\s*"[^"]+"\s*,\s*"arguments"\s*:'
+        r"|```json\s*\{[^}]*\"name\"\s*:",
+        re.DOTALL,
+    )
+    result = list(messages)
+    sanitized_count = 0
+    for i in range(len(result) - 1, -1, -1):
+        if sanitized_count >= 4:
+            break
+        msg = result[i]
+        if msg.get("role") != "assistant":
+            continue
+        content = msg.get("content", "")
+        if isinstance(content, str) and _TOOL_LIKE_PATTERNS.search(content):
+            cleaned = _TOOL_LIKE_PATTERNS.sub("", content).strip()
+            if not cleaned:
+                cleaned = "I will use the appropriate tool."
+            result[i] = {**msg, "content": cleaned}
+            sanitized_count += 1
+    return result
 def _build_malformed_retry_body(
     openai_body: dict,
     anthropic_body: dict,
@@ -3851,7 +3935,11 @@ def _build_malformed_retry_body(
     retry_body = dict(openai_body)
     retry_body["stream"] = False
     retry_body["tool_choice"] = tool_choice
-    retry_body["temperature"] = PROXY_MALFORMED_TOOL_RETRY_TEMPERATURE
+    # Escalate temperature down on successive retries for more deterministic output
+    if total_attempts > 1 and attempt > 1:
+        retry_body["temperature"] = 0.0
+    else:
+        retry_body["temperature"] = PROXY_MALFORMED_TOOL_RETRY_TEMPERATURE
     if tool_choice == "required":
         retry_instruction = (
@@ -3872,7 +3960,10 @@ def _build_malformed_retry_body(
     }
     existing_messages = retry_body.get("messages")
     if isinstance(existing_messages, list) and existing_messages:
-        retry_body["messages"] = [*existing_messages, malformed_retry_instruction]
+        # Strip malformed tool-like text from assistant messages to prevent
+        # the model from copying contaminated patterns on retry
+        sanitized = _sanitize_assistant_messages_for_retry(existing_messages)
+        retry_body["messages"] = [*sanitized, malformed_retry_instruction]
     if PROXY_MALFORMED_TOOL_RETRY_MAX_TOKENS > 0:
         current_max = int(

package/tools/agents/tests/test_anthropic_proxy_streaming.py CHANGED Viewed

@@ -3236,6 +3236,207 @@ class TestPruningImprovements(unittest.TestCase):
         self.assertEqual(monitor.tool_turn_phase, "finalize")
+class TestCycleBreakOptions(unittest.TestCase):
+    """Tests for cycle-break options: hint injection, tool narrowing, reduced budgets."""
+    def test_cycle_break_injects_hint_message(self):
+        """Option 1: cycle detection injects a user hint about the cycling tools."""
+        old_state = getattr(proxy, "PROXY_TOOL_STATE_MACHINE")
+        old_min_msgs = getattr(proxy, "PROXY_TOOL_STATE_MIN_MESSAGES")
+        old_forced = getattr(proxy, "PROXY_TOOL_STATE_FORCED_BUDGET")
+        old_auto = getattr(proxy, "PROXY_TOOL_STATE_AUTO_BUDGET")
+        old_stagnation = getattr(proxy, "PROXY_TOOL_STATE_STAGNATION_THRESHOLD")
+        old_cycle_window = getattr(proxy, "PROXY_TOOL_STATE_CYCLE_WINDOW")
+        try:
+            setattr(proxy, "PROXY_TOOL_STATE_MACHINE", True)
+            setattr(proxy, "PROXY_TOOL_STATE_MIN_MESSAGES", 3)
+            setattr(proxy, "PROXY_TOOL_STATE_FORCED_BUDGET", 20)
+            setattr(proxy, "PROXY_TOOL_STATE_AUTO_BUDGET", 2)
+            setattr(proxy, "PROXY_TOOL_STATE_STAGNATION_THRESHOLD", 99)
+            setattr(proxy, "PROXY_TOOL_STATE_CYCLE_WINDOW", 4)
+            monitor = proxy.SessionMonitor(context_window=262144)
+            monitor.tool_turn_phase = "act"
+            monitor.tool_state_forced_budget_remaining = 20
+            monitor.tool_call_history = ["Bash", "Bash", "Bash", "Bash"]
+            monitor.last_tool_fingerprint = "Bash"
+            body = {
+                "model": "test",
+                "messages": [
+                    {"role": "user", "content": "start"},
+                    {
+                        "role": "assistant",
+                        "content": [
+                            {"type": "tool_use", "id": "t1", "name": "Bash", "input": {"command": "ls"}},
+                        ],
+                    },
+                    {
+                        "role": "user",
+                        "content": [
+                            {"type": "tool_result", "tool_use_id": "t1", "content": "ok"},
+                        ],
+                    },
+                ],
+                "tools": [
+                    {"name": "Bash", "description": "Run command", "input_schema": {"type": "object"}},
+                    {"name": "Read", "description": "Read file", "input_schema": {"type": "object"}},
+                ],
+            }
+            openai = proxy.build_openai_request(body, monitor)
+            self.assertEqual(monitor.tool_turn_phase, "review")
+            # Check that a cycle-break hint was injected
+            messages = openai.get("messages", [])
+            last_msg = messages[-1] if messages else {}
+            self.assertEqual(last_msg.get("role"), "user")
+            self.assertIn("Bash", last_msg.get("content", ""))
+            self.assertIn("DIFFERENT tool", last_msg.get("content", ""))
+        finally:
+            setattr(proxy, "PROXY_TOOL_STATE_MACHINE", old_state)
+            setattr(proxy, "PROXY_TOOL_STATE_MIN_MESSAGES", old_min_msgs)
+            setattr(proxy, "PROXY_TOOL_STATE_FORCED_BUDGET", old_forced)
+            setattr(proxy, "PROXY_TOOL_STATE_AUTO_BUDGET", old_auto)
+            setattr(proxy, "PROXY_TOOL_STATE_STAGNATION_THRESHOLD", old_stagnation)
+            setattr(proxy, "PROXY_TOOL_STATE_CYCLE_WINDOW", old_cycle_window)
+    def test_cycle_break_narrows_tools(self):
+        """Option 2: cycling tools are excluded from the tools array during review."""
+        old_state = getattr(proxy, "PROXY_TOOL_STATE_MACHINE")
+        old_min_msgs = getattr(proxy, "PROXY_TOOL_STATE_MIN_MESSAGES")
+        old_forced = getattr(proxy, "PROXY_TOOL_STATE_FORCED_BUDGET")
+        old_auto = getattr(proxy, "PROXY_TOOL_STATE_AUTO_BUDGET")
+        old_stagnation = getattr(proxy, "PROXY_TOOL_STATE_STAGNATION_THRESHOLD")
+        old_cycle_window = getattr(proxy, "PROXY_TOOL_STATE_CYCLE_WINDOW")
+        try:
+            setattr(proxy, "PROXY_TOOL_STATE_MACHINE", True)
+            setattr(proxy, "PROXY_TOOL_STATE_MIN_MESSAGES", 3)
+            setattr(proxy, "PROXY_TOOL_STATE_FORCED_BUDGET", 20)
+            setattr(proxy, "PROXY_TOOL_STATE_AUTO_BUDGET", 2)
+            setattr(proxy, "PROXY_TOOL_STATE_STAGNATION_THRESHOLD", 99)
+            setattr(proxy, "PROXY_TOOL_STATE_CYCLE_WINDOW", 4)
+            monitor = proxy.SessionMonitor(context_window=262144)
+            monitor.tool_turn_phase = "act"
+            monitor.tool_state_forced_budget_remaining = 20
+            monitor.tool_call_history = ["Bash", "Bash", "Bash", "Bash"]
+            monitor.last_tool_fingerprint = "Bash"
+            body = {
+                "model": "test",
+                "messages": [
+                    {"role": "user", "content": "start"},
+                    {
+                        "role": "assistant",
+                        "content": [
+                            {"type": "tool_use", "id": "t1", "name": "Bash", "input": {"command": "ls"}},
+                        ],
+                    },
+                    {
+                        "role": "user",
+                        "content": [
+                            {"type": "tool_result", "tool_use_id": "t1", "content": "ok"},
+                        ],
+                    },
+                ],
+                "tools": [
+                    {"name": "Bash", "description": "Run command", "input_schema": {"type": "object"}},
+                    {"name": "Read", "description": "Read file", "input_schema": {"type": "object"}},
+                    {"name": "Write", "description": "Write file", "input_schema": {"type": "object"}},
+                ],
+            }
+            openai = proxy.build_openai_request(body, monitor)
+            self.assertEqual(monitor.tool_turn_phase, "review")
+            # Bash should be excluded, Read and Write should remain
+            tool_names = [t["function"]["name"] for t in openai.get("tools", [])]
+            self.assertNotIn("Bash", tool_names)
+            self.assertIn("Read", tool_names)
+            self.assertIn("Write", tool_names)
+        finally:
+            setattr(proxy, "PROXY_TOOL_STATE_MACHINE", old_state)
+            setattr(proxy, "PROXY_TOOL_STATE_MIN_MESSAGES", old_min_msgs)
+            setattr(proxy, "PROXY_TOOL_STATE_FORCED_BUDGET", old_forced)
+            setattr(proxy, "PROXY_TOOL_STATE_AUTO_BUDGET", old_auto)
+            setattr(proxy, "PROXY_TOOL_STATE_STAGNATION_THRESHOLD", old_stagnation)
+            setattr(proxy, "PROXY_TOOL_STATE_CYCLE_WINDOW", old_cycle_window)
+    def test_forced_budget_default_is_12(self):
+        """Option 3: default forced budget reduced from 24 to 12."""
+        self.assertEqual(proxy.PROXY_TOOL_STATE_FORCED_BUDGET, 12)
+    def test_review_cycle_limit_default_is_1(self):
+        """Option 4: default review cycle limit reduced from 2 to 1."""
+        self.assertEqual(proxy.PROXY_TOOL_STATE_REVIEW_CYCLE_LIMIT, 1)
+    def test_cycling_tool_names_cleared_on_reset(self):
+        """cycling_tool_names is cleared when tool turn state resets."""
+        monitor = proxy.SessionMonitor(context_window=262144)
+        monitor.cycling_tool_names = ["Bash", "Read"]
+        monitor.reset_tool_turn_state(reason="test")
+        self.assertEqual(monitor.cycling_tool_names, [])
+class TestMalformedRetryHardening(unittest.TestCase):
+    """Tests for malformed retry improvements: budget, temp escalation, message sanitization."""
+    def test_retry_max_default_is_3(self):
+        """Option 1: default retry budget increased from 2 to 3."""
+        self.assertEqual(proxy.PROXY_MALFORMED_TOOL_RETRY_MAX, 3)
+    def test_sanitize_assistant_messages_strips_tool_like_text(self):
+        """Option 3: malformed tool-like text stripped from assistant messages on retry."""
+        messages = [
+            {"role": "system", "content": "You are helpful."},
+            {"role": "user", "content": "Run a command"},
+            {"role": "assistant", "content": 'Here is the result <tool_call>{"name": "Bash", "arguments": {"command": "ls"}}</tool_call>'},
+            {"role": "user", "content": "ok"},
+        ]
+        sanitized = proxy._sanitize_assistant_messages_for_retry(messages)
+        # System and user messages unchanged
+        self.assertEqual(sanitized[0]["content"], "You are helpful.")
+        self.assertEqual(sanitized[1]["content"], "Run a command")
+        self.assertEqual(sanitized[3]["content"], "ok")
+        # Assistant message should have tool_call stripped
+        self.assertNotIn("<tool_call>", sanitized[2]["content"])
+        self.assertNotIn("Bash", sanitized[2]["content"])
+    def test_sanitize_preserves_clean_assistant_messages(self):
+        """Clean assistant messages are not modified by sanitization."""
+        messages = [
+            {"role": "assistant", "content": "I will read the file for you."},
+        ]
+        sanitized = proxy._sanitize_assistant_messages_for_retry(messages)
+        self.assertEqual(sanitized[0]["content"], "I will read the file for you.")
+    def test_sanitize_replaces_empty_content_with_placeholder(self):
+        """If stripping leaves empty content, a placeholder is used."""
+        messages = [
+            {"role": "assistant", "content": '<tool_call>{"name": "Bash", "arguments": {}}</tool_call>'},
+        ]
+        sanitized = proxy._sanitize_assistant_messages_for_retry(messages)
+        self.assertEqual(sanitized[0]["content"], "I will use the appropriate tool.")
+    def test_retry_body_uses_sanitized_messages(self):
+        """Retry body messages are sanitized before adding retry instruction."""
+        openai_body = {
+            "messages": [
+                {"role": "system", "content": "sys"},
+                {"role": "user", "content": "do it"},
+                {"role": "assistant", "content": '<tool_call>{"name":"X","arguments":{}}</tool_call>'},
+            ],
+            "tools": [{"type": "function", "function": {"name": "X", "parameters": {}}}],
+        }
+        anthropic_body = {"tools": [{"name": "X", "input_schema": {"type": "object"}}]}
+        retry = proxy._build_malformed_retry_body(
+            openai_body, anthropic_body, attempt=1, total_attempts=3,
+        )
+        # The assistant message should be sanitized
+        assistant_msgs = [m for m in retry["messages"] if m.get("role") == "assistant"]
+        for m in assistant_msgs:
+            self.assertNotIn("<tool_call>", m.get("content", ""))
 if __name__ == "__main__":
     unittest.main()