gthinking 1.3.0 → 2.1.1

package/src/llm/providers/gemini.ts

@@ -0,0 +1,201 @@
+/**
+ * Google Gemini LLM Provider
+ * 
+ * @module llm/providers/gemini
+ */
+
+import axios from 'axios';
+import { BaseLLMProvider, type LLMMessage, type LLMRequestOptions, type LLMResponse, type LLMStreamChunk } from './base';
+import { LLMError } from '../../core/errors';
+import { logger } from '../../utils/logger';
+
+/**
+ * Gemini provider configuration
+ */
+export interface GeminiConfig {
+  apiKey: string;
+  model?: string;
+  baseUrl?: string;
+  timeoutMs?: number;
+  maxRetries?: number;
+}
+
+/**
+ * Gemini provider implementation
+ */
+export class GeminiProvider extends BaseLLMProvider {
+  readonly name = 'gemini';
+  readonly availableModels = [
+    'gemini-1.5-pro',
+    'gemini-1.5-flash',
+    'gemini-1.0-pro',
+  ];
+
+  constructor(config: GeminiConfig) {
+    super({
+      apiKey: config.apiKey,
+      baseUrl: config.baseUrl ?? 'https://generativelanguage.googleapis.com/v1beta',
+      defaultModel: config.model ?? 'gemini-1.5-pro',
+      timeoutMs: config.timeoutMs,
+      maxRetries: config.maxRetries,
+    });
+  }
+
+  async complete(
+    messages: LLMMessage[],
+    options: LLMRequestOptions = {}
+  ): Promise<LLMResponse> {
+    return this.withRetry(async () => {
+      const model = this.getModel(options);
+      const url = `${this.baseUrl}/models/${model}:generateContent?key=${this.apiKey}`;
+
+      const requestBody = this.buildRequestBody(messages, options);
+
+      try {
+        const response = await axios.post(url, requestBody, {
+          timeout: options.timeoutMs ?? this.timeoutMs,
+          headers: {
+            'Content-Type': 'application/json',
+          },
+        });
+
+        return this.parseResponse(response.data, model);
+      } catch (error) {
+        if (axios.isAxiosError(error)) {
+          const statusCode = error.response?.status;
+          const errorMessage = error.response?.data?.error?.message ?? error.message;
+          
+          logger.error('Gemini API error', { statusCode, errorMessage });
+          throw new LLMError(errorMessage, 'gemini', statusCode);
+        }
+        throw error;
+      }
+    });
+  }
+
+  async *stream(
+    messages: LLMMessage[],
+    options: LLMRequestOptions = {}
+  ): AsyncGenerator<LLMStreamChunk> {
+    const model = this.getModel(options);
+    const url = `${this.baseUrl}/models/${model}:streamGenerateContent?key=${this.apiKey}`;
+
+    const requestBody = this.buildRequestBody(messages, options);
+
+    try {
+      const response = await axios.post(url, requestBody, {
+        timeout: options.timeoutMs ?? this.timeoutMs,
+        headers: {
+          'Content-Type': 'application/json',
+        },
+        responseType: 'stream',
+      });
+
+      const stream = response.data;
+      
+      for await (const chunk of stream) {
+        const lines = chunk.toString().split('\n').filter((line: string) => line.trim());
+        
+        for (const line of lines) {
+          try {
+            const data = JSON.parse(line);
+            const content = data.candidates?.[0]?.content?.parts?.[0]?.text ?? '';
+            
+            if (content) {
+              yield {
+                content,
+                isComplete: false,
+              };
+            }
+          } catch {
+            // Ignore parse errors for non-JSON lines
+          }
+        }
+      }
+
+      yield {
+        content: '',
+        isComplete: true,
+      };
+    } catch (error) {
+      if (axios.isAxiosError(error)) {
+        const statusCode = error.response?.status;
+        const errorMessage = error.response?.data?.error?.message ?? error.message;
+        throw new LLMError(errorMessage, 'gemini', statusCode);
+      }
+      throw error;
+    }
+  }
+
+  private buildRequestBody(messages: LLMMessage[], options: LLMRequestOptions): Record<string, unknown> {
+    const contents = messages.map(msg => ({
+      role: msg.role === 'user' ? 'user' : 'model',
+      parts: [{ text: msg.content }],
+    }));
+
+    const body: Record<string, unknown> = {
+      contents,
+    };
+
+    if (options.temperature !== undefined) {
+      body.generationConfig = {
+        ...(body.generationConfig as Record<string, unknown>),
+        temperature: options.temperature,
+      };
+    }
+
+    if (options.maxTokens !== undefined) {
+      body.generationConfig = {
+        ...(body.generationConfig as Record<string, unknown>),
+        maxOutputTokens: options.maxTokens,
+      };
+    }
+
+    if (options.topP !== undefined) {
+      body.generationConfig = {
+        ...(body.generationConfig as Record<string, unknown>),
+        topP: options.topP,
+      };
+    }
+
+    if (options.stopSequences !== undefined) {
+      body.generationConfig = {
+        ...(body.generationConfig as Record<string, unknown>),
+        stopSequences: options.stopSequences,
+      };
+    }
+
+    return body;
+  }
+
+  private parseResponse(data: Record<string, unknown>, model: string): LLMResponse {
+    const candidate = (data.candidates as unknown[])?.[0] as Record<string, unknown> | undefined;
+    const content = candidate?.content as Record<string, unknown> | undefined;
+    const parts = content?.parts as Array<{ text?: string }> | undefined;
+    const text = parts?.[0]?.text ?? '';
+    
+    const usage = data.usageMetadata as Record<string, number> | undefined;
+
+    return {
+      content: text,
+      model,
+      usage: {
+        promptTokens: usage?.promptTokenCount ?? 0,
+        completionTokens: usage?.candidatesTokenCount ?? 0,
+        totalTokens: usage?.totalTokenCount ?? 0,
+      },
+      finishReason: (candidate?.finishReason as string) ?? 'stop',
+    };
+  }
+
+  protected override isNonRetryableError(error: unknown): boolean {
+    if (axios.isAxiosError(error)) {
+      const statusCode = error.response?.status;
+      // Don't retry on client errors (4xx except 429)
+      if (statusCode !== undefined && statusCode >= 400 && statusCode < 500 && statusCode !== 429) {
+        return true;
+      }
+    }
+    return false;
+  }
+}

package/src/llm/sanitization.ts

@@ -0,0 +1,178 @@
+/**
+ * Input Sanitization for LLM Service
+ * 
+ * Provides security-focused sanitization to prevent prompt injection
+ * and other LLM-related security vulnerabilities.
+ * 
+ * @module llm/sanitization
+ */
+
+import { logger } from '../utils/logger';
+
+/**
+ * Sanitization options
+ */
+export interface SanitizationOptions {
+  maxLength?: number;
+  allowCode?: boolean;
+  allowHTML?: boolean;
+  allowedTags?: string[];
+}
+
+/**
+ * Default sanitization options
+ */
+const DEFAULT_OPTIONS: SanitizationOptions = {
+  maxLength: 10000,
+  allowCode: false,
+  allowHTML: false,
+  allowedTags: [],
+};
+
+/**
+ * Dangerous patterns that could indicate prompt injection
+ */
+const DANGEROUS_PATTERNS = [
+  // System prompt injection attempts
+  /ignore\s+(previous|prior|above)\s+instructions?/gi,
+  /disregard\s+(all\s+)?(previous|prior)\s+instructions?/gi,
+  /forget\s+(everything|all)\s+(you\s+)?(were\s+)?told/gi,
+  /system\s*:\s*/gi,
+  /user\s*:\s*/gi,
+  /assistant\s*:\s*/gi,
+  /\[system\s+prompt\]/gi,
+  /\[instructions\]/gi,
+  
+  // Jailbreak attempts
+  /DAN\s*\(|do\s+anything\s+now/gi,
+  /jailbreak/gi,
+  /\bmode\s*:\s*\w+\s+unfiltered/gi,
+  /no\s+(restrictions?|limits?|filter)/gi,
+  
+  // Delimiter manipulation
+  /```\s*system/gi,
+  /<\|system\|>/gi,
+  /<\|im_start\|>/gi,
+  /<\|im_end\|>/gi,
+];
+
+/**
+ * Sanitize a prompt for LLM use
+ * 
+ * @param input - Raw input string
+ * @param options - Sanitization options
+ * @returns Sanitized string
+ */
+export function sanitizePrompt(input: string, options: SanitizationOptions = {}): string {
+  const opts = { ...DEFAULT_OPTIONS, ...options };
+  
+  // Check for dangerous patterns
+  for (const pattern of DANGEROUS_PATTERNS) {
+    if (pattern.test(input)) {
+      logger.warn('Potentially dangerous pattern detected in prompt', { pattern: pattern.source });
+    }
+  }
+  
+  let sanitized = input;
+  
+  // Remove null bytes and control characters
+  sanitized = sanitized.replace(/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/g, '');
+  
+  // Remove potential prompt injection markers
+  sanitized = sanitized.replace(/^(system|user|assistant)\s*:\s*/gim, '');
+  
+  // Remove system prompt markers
+  sanitized = sanitized.replace(/\[system\s+prompt\]/gi, '');
+  sanitized = sanitized.replace(/\[instructions?\]/gi, '');
+  
+  // Handle code blocks
+  if (!opts.allowCode) {
+    // Escape code block markers
+    sanitized = sanitized.replace(/```/g, '` ` `');
+  }
+  
+  // Handle HTML
+  if (!opts.allowHTML) {
+    // Remove or escape HTML tags
+    sanitized = sanitized.replace(/</g, '&lt;').replace(/>/g, '&gt;');
+  }
+  
+  // Trim whitespace
+  sanitized = sanitized.trim();
+  
+  // Enforce length limit
+  if (sanitized.length > opts.maxLength!) {
+    logger.warn('Prompt truncated due to length limit', { 
+      originalLength: sanitized.length, 
+      maxLength: opts.maxLength 
+    });
+    sanitized = sanitized.substring(0, opts.maxLength);
+  }
+  
+  return sanitized;
+}
+
+/**
+ * Validate that a prompt is safe to use
+ * 
+ * @param input - Input to validate
+ * @returns Validation result
+ */
+export function validatePrompt(input: string): { safe: boolean; issues: string[] } {
+  const issues: string[] = [];
+  
+  // Check for dangerous patterns
+  for (const pattern of DANGEROUS_PATTERNS) {
+    if (pattern.test(input)) {
+      issues.push(`Suspicious pattern detected: ${pattern.source}`);
+    }
+  }
+  
+  // Check length
+  if (input.length > 10000) {
+    issues.push('Input exceeds maximum length of 10000 characters');
+  }
+  
+  // Check for null bytes
+  if (/\x00/.test(input)) {
+    issues.push('Input contains null bytes');
+  }
+  
+  return {
+    safe: issues.length === 0,
+    issues,
+  };
+}
+
+/**
+ * Escape special characters for safe inclusion in prompts
+ * 
+ * @param input - Input to escape
+ * @returns Escaped string
+ */
+export function escapeSpecialChars(input: string): string {
+  return input
+    .replace(/\\/g, '\\\\')
+    .replace(/"/g, '\\"')
+    .replace(/\n/g, '\\n')
+    .replace(/\r/g, '\\r')
+    .replace(/\t/g, '\\t');
+}
+
+/**
+ * Sanitize LLM response to remove any system-like content
+ * 
+ * @param response - LLM response
+ * @returns Sanitized response
+ */
+export function sanitizeResponse(response: string): string {
+  let sanitized = response;
+  
+  // Remove system-like prefixes
+  sanitized = sanitized.replace(/^(system|user|assistant)\s*:\s*/gim, '');
+  
+  // Remove any embedded instructions
+  sanitized = sanitized.replace(/\[system\s+prompt\].*?\[\/system\s+prompt\]/gis, '');
+  
+  return sanitized.trim();
+}

package/src/mcp/server.ts

@@ -0,0 +1,117 @@
+#!/usr/bin/env node
+
+import { Server } from "@modelcontextprotocol/sdk/server/index.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import {
+  CallToolRequestSchema,
+  ListToolsRequestSchema,
+} from "@modelcontextprotocol/sdk/types.js";
+import { SequentialThinkingEngine } from "../core/engine";
+import { Logger } from "../utils/logger";
+
+const logger = new Logger('MCPServer');
+const engine = new SequentialThinkingEngine();
+
+const server = new Server(
+  {
+    name: "gthinking",
+    version: "2.0.0",
+  },
+  {
+    capabilities: {
+      tools: {},
+    },
+  }
+);
+
+server.setRequestHandler(ListToolsRequestSchema, async () => {
+  return {
+    tools: [
+      {
+        name: "think",
+        description: "Execute full thinking pipeline",
+        inputSchema: {
+          type: "object",
+          properties: {
+            query: { type: "string" },
+            preferredStages: { 
+                type: "array", 
+                items: { type: "string" } 
+            },
+            options: { type: "object" }
+          },
+          required: ["query"]
+        }
+      },
+      {
+        name: "quick_search",
+        description: "Execute quick search",
+        inputSchema: {
+          type: "object",
+          properties: {
+            query: { type: "string" }
+          },
+          required: ["query"]
+        }
+      },
+      {
+        name: "creative_solve",
+        description: "Solve problem creatively",
+        inputSchema: {
+          type: "object",
+          properties: {
+            challenge: { type: "string" },
+            techniques: { 
+                type: "array",
+                items: { type: "string" }
+            }
+          },
+          required: ["challenge"]
+        }
+      }
+    ]
+  };
+});
+
+server.setRequestHandler(CallToolRequestSchema, async (request) => {
+  const { name, arguments: args } = request.params;
+  
+  try {
+      if (name === "think") {
+        const result = await engine.think(args);
+        return {
+            content: [{ type: "text", text: JSON.stringify(result, null, 2) }]
+        };
+      } else if (name === "quick_search") {
+          const query = (args as any).query;
+          const result = await engine.quickSearch(query);
+          return {
+              content: [{ type: "text", text: JSON.stringify(result, null, 2) }]
+          };
+      } else if (name === "creative_solve") {
+          const challenge = (args as any).challenge;
+          const result = await engine.creativeSolve(challenge);
+          return {
+              content: [{ type: "text", text: JSON.stringify(result, null, 2) }]
+          };
+      }
+      
+      throw new Error(`Unknown tool: ${name}`);
+  } catch (error) {
+      return {
+          content: [{ type: "text", text: `Error: ${(error as Error).message}` }],
+          isError: true
+      };
+  }
+});
+
+async function run() {
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+    logger.info("MCP Server running on stdio");
+}
+
+run().catch((error) => {
+    console.error("Fatal error running server:", error);
+    process.exit(1);
+});

package/src/planning/planning-engine.ts

@@ -0,0 +1,14 @@
+import { EventEmitter } from 'events';
+import { Logger } from '../utils/logger';
+
+const logger = new Logger('PlanningEngine');
+
+export class PlanningEngine extends EventEmitter {
+  constructor() {
+    super();
+  }
+}
+
+export function createPlanningEngine(): PlanningEngine {
+  return new PlanningEngine();
+}

package/src/reasoning/reasoning-engine.ts

@@ -0,0 +1,14 @@
+import { EventEmitter } from 'events';
+import { Logger } from '../utils/logger';
+
+const logger = new Logger('ReasoningEngine');
+
+export class ReasoningEngine extends EventEmitter {
+  constructor() {
+    super();
+  }
+}
+
+export function createReasoningEngine(): ReasoningEngine {
+  return new ReasoningEngine();
+}