exaai-agent 2.0.5__py3-none-any.whl → 2.0.6__py3-none-any.whl

{exaai_agent-2.0.5.dist-info → exaai_agent-2.0.6.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: exaai-agent
-Version: 2.0.5
+Version: 2.0.6
 Summary: ExaaiAgnt - Advanced AI Security Agent for Comprehensive Penetration Testing
 License: Apache-2.0
 License-File: LICENSE

{exaai_agent-2.0.5.dist-info → exaai_agent-2.0.6.dist-info}/RECORD

@@ -28,23 +28,26 @@ exaaiagnt/interface/tool_components/terminal_renderer.py,sha256=-ORL2vBH5XImUZrI
 exaaiagnt/interface/tool_components/thinking_renderer.py,sha256=-MQLkKCgOJksrustULFf2jhAjJrP5bbfS2BQ6zgNKCc,927
 exaaiagnt/interface/tool_components/user_message_renderer.py,sha256=6gHJ1hG-pwcTsxLM7JuYZuaDu8cZ2MeOuUDF3LGy-4I,1432
 exaaiagnt/interface/tool_components/web_search_renderer.py,sha256=JnJa22ACIcRksfxxdenesUo8Th9cHSxo-fej9YcuYHs,911
-exaaiagnt/interface/tui.py,sha256=n1_sy99896cQsoTgh6I4N-S--MW_IxLU_PxYOUnGNA8,49002
+exaaiagnt/interface/tui.py,sha256=JqwCjKvqnm4C0Hz9A8oGPbzNAvficd5WqnxQ4WCedvI,49777
 exaaiagnt/interface/utils.py,sha256=xp6eDOC8C0c3cjt791S_jBDs1B-xp_ydIb74QnMLEt8,20219
-exaaiagnt/llm/__init__.py,sha256=gWdYEZJfiWG3w61gbsSYiT8OtRvQAF84onDiNtGxqPg,743
+exaaiagnt/llm/__init__.py,sha256=hUVixjSSIUtwIP2I5D_9e6Kdxhhunnajgxx_2DEYNww,1095
 exaaiagnt/llm/config.py,sha256=HQ0skwQxtHwiDLDWBCU1Fp4UoQ8tbrTNQw9s7JGVaiY,3303
 exaaiagnt/llm/fallback.py,sha256=oPS0PGRxEHnyyBgS4yP9zdwSf4JFJh4dYZ3g8OFwWEE,11413
-exaaiagnt/llm/llm.py,sha256=4G934JpTdR-LZhYP7KsgDyUMbuXySd-nV9CQTno1rJ0,18173
+exaaiagnt/llm/llm.py,sha256=EEPte4O37YVhCrJleHS8uU5eaYw_WDXKIEwlK2USJgE,18606
+exaaiagnt/llm/llm_traffic_controller.py,sha256=HZ0OZcbfr5XLVSpuW8EQLn3gQht3rjY1n6SGRFpBZa0,12187
 exaaiagnt/llm/memory_compressor.py,sha256=_At7e5QlDv2vrUDUJMEwm4CjNJ2uGYQsOBhiHiQvVr8,7054
 exaaiagnt/llm/output_processor.py,sha256=JC3TtzYj9DJhJRuKzz_VV3WIwAyYhUdZeY1N9c4SzVw,13568
 exaaiagnt/llm/request_queue.py,sha256=niwJVzWyvNcOl9uVYABO55c6ZReMxY_GIUhKXh946dI,9195
 exaaiagnt/llm/utils.py,sha256=0Z0r6qo9IfUSOJt5FJsq3X-veXrA8A09frc2VIy-aS4,2540
 exaaiagnt/prompts/README.md,sha256=Svgjx8pO1W0aVzC9z0Fxs88-NBA1whEqU8zrGBDqO0M,3813
 exaaiagnt/prompts/__init__.py,sha256=nUs1powNe_6sWmM5_KkAIxZj97t5IiMMgNrL39WwUjg,5042
-exaaiagnt/prompts/auto_loader.py,sha256=FawiGCU86ejFxvWnAKFL0bDd6sLou_tU0DccejWN6zA,8359
+exaaiagnt/prompts/auto_loader.py,sha256=SNCewvdqfsIXydOcBNVcEE_x_w_j0Pl7ebOeOSNJ94E,12008
 exaaiagnt/prompts/cloud/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+exaaiagnt/prompts/cloud/aws_cloud_security.jinja,sha256=ObimikftsoqGzxhrvI6pQLVRQ4MmkJpjwexORS7P7uo,6768
 exaaiagnt/prompts/coordination/root_agent.jinja,sha256=05VUZKnBX_7-FjEYilEq_OJG4u01_56bf4mzGNbFtJc,1996
 exaaiagnt/prompts/custom/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 exaaiagnt/prompts/frameworks/fastapi.jinja,sha256=zXa08RDG9tVQu6MZetKCcOUPuDDKJJF1anTei7_2TZg,10200
+exaaiagnt/prompts/frameworks/modern_js_frameworks.jinja,sha256=UmqpJeXF87wsBpU-Nfg7KK9ftUtz4ug9LXw_2g3RXLk,5752
 exaaiagnt/prompts/frameworks/nextjs.jinja,sha256=AhfKOUl2bQzRWqqCw5lrjrXaKIkZ3CEEjVJwPJF8nP8,8175
 exaaiagnt/prompts/protocols/graphql.jinja,sha256=Tm538OmlFOJvuOwd4MXYQ4KYR7k4bJ4r-z4yoFcF6-8,10454
 exaaiagnt/prompts/reconnaissance/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -74,6 +77,7 @@ exaaiagnt/prompts/vulnerabilities/privilege_escalation.jinja,sha256=XY0atQ4nEkGs
 exaaiagnt/prompts/vulnerabilities/prototype_pollution.jinja,sha256=g-I6ouqaZpxqoTa4MyGHaUKxwlM-gFrPo_F1T8r_ASI,6486
 exaaiagnt/prompts/vulnerabilities/race_conditions.jinja,sha256=ZHxdZc7v7yvhmUWJK3P3kIzOz3oaYRb2OJEzG1momcg,8372
 exaaiagnt/prompts/vulnerabilities/rce.jinja,sha256=tgmocWH3Y9FJ3fBeR9DTR7ViBcuH5salGis8vywJ2h8,8425
+exaaiagnt/prompts/vulnerabilities/react2shell.jinja,sha256=ZO4lxSpyXm6pVgBw4kUNqWVttSBa04LhqYy6NTj3RQo,6862
 exaaiagnt/prompts/vulnerabilities/reconnaissance_osint.jinja,sha256=Bify6rb6cQGeP-q-PnD9GfOU2dunI0inATpf_IERaik,5552
 exaaiagnt/prompts/vulnerabilities/sql_injection.jinja,sha256=tdFjkbu5p_di0Zui95o2Eh1v-Ulvwg1qcENDNLswv1Q,8426
 exaaiagnt/prompts/vulnerabilities/ssrf.jinja,sha256=XMRAclYIyq0JhVSXopTsbZAm-wRxz-zZfDHdaFgVeiw,7899
@@ -90,7 +94,7 @@ exaaiagnt/runtime/tool_manager.py,sha256=CMUYlOC3Ez-9eqzz12tJO9tijdIBznFqCUwcT0h
 exaaiagnt/runtime/tool_server.py,sha256=e23TJYL5w32gMqLS9UJ0xw3XZ4lM38ETBvHVHKk3APU,6835
 exaaiagnt/telemetry/__init__.py,sha256=8QLHMvrVNLlGKezWTf3mTSmTOLIvDS5xVciry1KVS1Y,130
 exaaiagnt/telemetry/tracer.py,sha256=DZuQ-xGdPWB2FKEn_rRPxP1RO2_acXQRkHzuhApAI88,12582
-exaaiagnt/tools/__init__.py,sha256=RMiBFQYQxhifsSvZFgfhPLI9FEl-jIeUSo0QdJhBXk4,2087
+exaaiagnt/tools/__init__.py,sha256=tFPqL3VKFumF1LgYMhvaecwTQ9b7vHxk0hRArPp3z2U,3402
 exaaiagnt/tools/agents_graph/__init__.py,sha256=FLJ2kGxXICY2pRKrC0sgIc3w3KhZo7VID7hbwYcgBfM,278
 exaaiagnt/tools/agents_graph/agents_graph_actions.py,sha256=ujBj3R3MpOmIVsN4T3nekVhreu60xA2EEg9rYXCdz2c,21103
 exaaiagnt/tools/agents_graph/agents_graph_actions_schema.xml,sha256=fczqDpNw2m58p2O_G0amBZso--EjEGZuK829lB-cXdE,12617
@@ -123,6 +127,8 @@ exaaiagnt/tools/registry.py,sha256=iBRwtiWLQr3fo1vSAOehWbIlr6cqnNPLB1dluXtsf8s,6
 exaaiagnt/tools/reporting/__init__.py,sha256=_cYxb3OP0vZtCwO_ExLBjhAn1ECaG-SH1Z4wfGDyT1Y,110
 exaaiagnt/tools/reporting/reporting_actions.py,sha256=aVEwfG5GgJ68bFJOicO_YD2yp5wCimxlnZzpXX3TJcQ,2200
 exaaiagnt/tools/reporting/reporting_actions_schema.xml,sha256=y_g0iuyBuCh79fvA0ri8fOPlXY7uUd-P-mdzXLUyIJg,1629
+exaaiagnt/tools/response_analyzer.py,sha256=ZBOGwGkH2VM96UH4ZrYhPYI8S_YZp0SG8EDThO7bAX0,10566
+exaaiagnt/tools/smart_fuzzer.py,sha256=FQ3RQ8IYFRTEAsKzEtfephCpHbdmDRMm068AsEQ2B-k,12286
 exaaiagnt/tools/terminal/__init__.py,sha256=xvflcrbLQ31o_K3cWFsIhTm7gxY5JF0nVnhOIadwFV0,80
 exaaiagnt/tools/terminal/terminal_actions.py,sha256=5z3OTF0YwZL0n_CVsx1yLmbSx7oUQg-xD0Wv8IXsIlw,892
 exaaiagnt/tools/terminal/terminal_actions_schema.xml,sha256=L7dzjvKNZpJA0qDGp1gCBuwXiY4mtjOq7T2tNDmUPA4,7257
@@ -131,12 +137,14 @@ exaaiagnt/tools/terminal/terminal_session.py,sha256=ExC2s0xyS6m157ENkWqAHzPp1Pv9
 exaaiagnt/tools/thinking/__init__.py,sha256=-v4fG4fyFkqsTSWspDtCT6IRlyRM8zeUwEM-kscaxDE,58
 exaaiagnt/tools/thinking/thinking_actions.py,sha256=Ynw1gBN4Z8iXGll0v9kObhkjQzc8-dEcHTWKeyFutAw,568
 exaaiagnt/tools/thinking/thinking_actions_schema.xml,sha256=otD4dOhQx4uyudLnjA_HIP6EmUS5NvKG4l3CVFrg8go,2756
+exaaiagnt/tools/tool_prompts.py,sha256=eQL7B8H8mo6d6mvtN_X9rmSfjwgz9Cuzfg7C7WH6TnU,5751
+exaaiagnt/tools/vuln_validator.py,sha256=jgfPOVogjfMSVaorlzXTUA56N1RgYrpF1QshKeHQBn8,13944
 exaaiagnt/tools/waf_bypass.py,sha256=71oPWnDHjn2EHi6I1SluZCKfqfXkA5j61oIkL5kNoSw,12047
 exaaiagnt/tools/web_search/__init__.py,sha256=m5PCHXqeNVraLRLNIbh54Z2N4Y_75d-ftqwyq3dbCd0,70
 exaaiagnt/tools/web_search/web_search_actions.py,sha256=jmlN2uIq8lRbhRnyaMQkC-44jhpfkLQZ_byYNlNNlOY,3111
 exaaiagnt/tools/web_search/web_search_actions_schema.xml,sha256=Ihc3Gv4LaPI_MzBbwZOt3y4pwg9xmtl8KfPNvFihEP4,4805
-exaai_agent-2.0.5.dist-info/METADATA,sha256=lIW_IEGqPyexvHurDW7ZMMuxkqdQV3zSXlX7EdhuzzM,12285
-exaai_agent-2.0.5.dist-info/WHEEL,sha256=zp0Cn7JsFoX2ATtOhtaFYIiE2rmFAD4OcMhtUki8W3U,88
-exaai_agent-2.0.5.dist-info/entry_points.txt,sha256=oEpWNyB806orvfN_GnSjsmoizJsfQoaU1RTYdGFJrWw,59
-exaai_agent-2.0.5.dist-info/licenses/LICENSE,sha256=RV6IGl0sWdfbbtJmjPr1w_qwGyGt2jv02PXsAzN_kNs,11460
-exaai_agent-2.0.5.dist-info/RECORD,,
+exaai_agent-2.0.6.dist-info/METADATA,sha256=RaTv_P1HP1FnB2bH9xWJCwILIVymtMDe_5SUxCCAGU8,12285
+exaai_agent-2.0.6.dist-info/WHEEL,sha256=zp0Cn7JsFoX2ATtOhtaFYIiE2rmFAD4OcMhtUki8W3U,88
+exaai_agent-2.0.6.dist-info/entry_points.txt,sha256=oEpWNyB806orvfN_GnSjsmoizJsfQoaU1RTYdGFJrWw,59
+exaai_agent-2.0.6.dist-info/licenses/LICENSE,sha256=RV6IGl0sWdfbbtJmjPr1w_qwGyGt2jv02PXsAzN_kNs,11460
+exaai_agent-2.0.6.dist-info/RECORD,,

exaaiagnt/interface/tui.py

@@ -80,7 +80,7 @@ class SplashScreen(Static):  # type: ignore[misc]
     NEON_ORANGE = "#ff8800"
     SOFT_WHITE = "#e0e0e0"
     
-    # Responsive ASCII Logo - works on all screen sizes
+    # Enhanced ASCII Logo - ExaAi v2.0.4
     BANNER = r"""
     ███████╗██╗  ██╗ █████╗      █████╗ ██╗
     ██╔════╝╚██╗██╔╝██╔══██╗    ██╔══██╗██║
@@ -97,7 +97,6 @@ class SplashScreen(Static):  # type: ignore[misc]
    ▒███   ░░  █   ░▒██  ▀█▄      ▒██  ▀█▄  ▒██▒
    ▒▓█  ▄  ░ █ █ ▒ ░██▄▄▄▄██     ░██▄▄▄▄██ ░██░
    ░▒████▒▒██▒ ▒██▒ ▓█   ▓██▒     ▓█   ▓██▒░██░
-   ░░ ▒░ ░▒▒ ░ ░▓ ░ ▒▒   ▓▒█░     ▒▒   ▓▒█░░▓  
     """
 
     def __init__(self, *args: Any, **kwargs: Any) -> None:
@@ -145,6 +144,7 @@ class SplashScreen(Static):  # type: ignore[misc]
             Align.center(self._build_version_text()),
             Align.center(self._build_tagline_text()),
             Align.center(self._build_features_text()),
+            Align.center(self._build_new_features_text()),
             Align.center(Text(" ")),
             Align.center(start_line.copy()),
         )
@@ -176,8 +176,22 @@ class SplashScreen(Static):  # type: ignore[misc]
     def _build_version_text(self) -> Text:
         text = Text("v", style=Style(color=self.SOFT_WHITE, dim=True))
         text.append(f"{self._version}", style=Style(color=self.NEON_GREEN, bold=True))
+        text.append(" ", style=Style(color=self.SOFT_WHITE))
+        text.append("• Adaptive LLM • Smart Fuzzing • WAF Bypass", style=Style(color=self.SOFT_WHITE, dim=True))
         return text
 
+    def _build_new_features_text(self) -> Text:
+        """Build new features highlight for v2.0.4."""
+        text = Text("🔥 ", style=Style(color=self.NEON_ORANGE))
+        text.append("NEW: ", style=Style(color=self.NEON_ORANGE, bold=True))
+        text.append("React2Shell", style=Style(color=self.NEON_PINK))
+        text.append(" • ", style=Style(color=self.SOFT_WHITE, dim=True))
+        text.append("Cloud Security", style=Style(color=self.NEON_CYAN))
+        text.append(" • ", style=Style(color=self.SOFT_WHITE, dim=True))
+        text.append("Auto-Discovery", style=Style(color=self.NEON_GREEN))
+        return text
+
+
     def _build_tagline_text(self) -> Text:
         text = Text("🔒 ", style=Style(color=self.NEON_ORANGE))
         text.append("Advanced AI-Powered Cybersecurity Agent", style=Style(color=self.SOFT_WHITE, italic=True))

exaaiagnt/llm/__init__.py

@@ -14,6 +14,13 @@ from .output_processor import (
     OutputConfig,
     process_tool_output,
 )
+from .llm_traffic_controller import (
+    get_traffic_controller,
+    AdaptiveLLMController,
+    RequestPriority,
+    reset_traffic_controller,
+    with_traffic_control,
+)
 
 
 __all__ = [
@@ -29,6 +36,12 @@ __all__ = [
     "OutputProcessor",
     "OutputConfig",
     "process_tool_output",
+    # Traffic Controller
+    "get_traffic_controller",
+    "AdaptiveLLMController",
+    "RequestPriority",
+    "reset_traffic_controller",
+    "with_traffic_control",
 ]
 
 litellm._logging._disable_debugging()

exaaiagnt/llm/llm.py

@@ -17,7 +17,7 @@ from litellm.utils import supports_prompt_caching
 
 from exaaiagnt.llm.config import LLMConfig
 from exaaiagnt.llm.memory_compressor import MemoryCompressor
-from exaaiagnt.llm.request_queue import get_global_queue
+from exaaiagnt.llm.llm_traffic_controller import get_traffic_controller, RequestPriority
 from exaaiagnt.llm.utils import _truncate_to_first_function, parse_tool_invocations
 from exaaiagnt.prompts import load_prompt_modules
 from exaaiagnt.tools import get_tools_prompt
@@ -423,8 +423,19 @@ class LLM:
             else:
                 completion_args["reasoning_effort"] = "high"
 
-        queue = get_global_queue()
-        response = await queue.make_request(completion_args)
+        # Use Adaptive Traffic Controller for intelligent rate limiting
+        controller = get_traffic_controller()
+        agent_id = self.agent_id or "unknown_agent"
+        
+        async def do_request():
+            from litellm import completion
+            return completion(**completion_args, stream=False)
+        
+        response = await controller.queue_request(
+            do_request,
+            agent_id=agent_id,
+            priority=RequestPriority.NORMAL
+        )
 
         self._total_stats.requests += 1
         self._last_request_stats = RequestStats(requests=1)

exaaiagnt/llm/llm_traffic_controller.py

@@ -0,0 +1,351 @@
+"""
+Adaptive LLM Traffic Controller - Intelligent rate limiting and queue management.
+
+Features:
+- Single LLM request at a time (serialized)
+- Non-blocking queue for waiting agents
+- Automatic rate limit detection and delay
+- Tool-first execution mode
+- Automatic recovery with smart retry
+"""
+
+import asyncio
+import logging
+import time
+from dataclasses import dataclass, field
+from enum import Enum
+from typing import Any, Callable, Optional
+from collections import deque
+
+
+logger = logging.getLogger(__name__)
+
+
+class RequestPriority(Enum):
+    """Priority levels for LLM requests."""
+    CRITICAL = 3  # Must execute ASAP (auth, security critical)
+    NORMAL = 2    # Standard agent requests
+    LOW = 1       # Background tasks, summaries
+
+
+@dataclass
+class QueuedRequest:
+    """A queued LLM request with metadata."""
+    request_id: str
+    agent_id: str
+    priority: RequestPriority
+    request_func: Callable
+    args: tuple
+    kwargs: dict
+    created_at: float = field(default_factory=time.time)
+    future: asyncio.Future = field(default_factory=lambda: asyncio.get_event_loop().create_future())
+
+
+class AdaptiveLLMController:
+    """
+    Adaptive Multi-Agent LLM Traffic Controller.
+    
+    Implements:
+    1. Single concurrent LLM request (serialized calls)
+    2. Non-blocking queue for agents
+    3. Intelligent throttling with adaptive delays
+    4. Tool-first execution mode
+    5. Automatic recovery from rate limits
+    """
+    
+    _instance: Optional["AdaptiveLLMController"] = None
+    
+    def __new__(cls) -> "AdaptiveLLMController":
+        if cls._instance is None:
+            cls._instance = super().__new__(cls)
+            cls._instance._initialized = False
+        return cls._instance
+    
+    def __init__(self):
+        if self._initialized:
+            return
+        
+        # Core state
+        self._queue: deque[QueuedRequest] = deque()
+        self._is_processing = False
+        self._lock = asyncio.Lock()
+        
+        # Rate limiting state
+        self._last_request_time = 0.0
+        self._consecutive_rate_limits = 0
+        self._base_delay = 2.0  # Base delay between requests
+        self._current_delay = 2.0
+        self._max_delay = 30.0
+        
+        # Statistics
+        self._total_requests = 0
+        self._successful_requests = 0
+        self._rate_limit_hits = 0
+        self._retries = 0
+        
+        # Tool execution mode
+        self._tool_executing = False
+        self._tool_execution_lock = asyncio.Lock()
+        
+        # Configuration
+        self._max_retries = 3
+        self._rate_limit_wait = 6.0  # Wait time after rate limit
+        self._enable_verbose_logging = False
+        
+        self._initialized = True
+        logger.info("AdaptiveLLMController initialized - Traffic Control Enabled")
+    
+    async def queue_request(
+        self,
+        request_func: Callable,
+        *args,
+        agent_id: str = "unknown",
+        priority: RequestPriority = RequestPriority.NORMAL,
+        **kwargs
+    ) -> Any:
+        """
+        Queue an LLM request and wait for result.
+        
+        Non-blocking for the caller - they just await the result.
+        Internally, requests are processed one at a time.
+        """
+        request_id = f"{agent_id}_{int(time.time() * 1000)}"
+        
+        # Create future for this request
+        loop = asyncio.get_event_loop()
+        future = loop.create_future()
+        
+        queued = QueuedRequest(
+            request_id=request_id,
+            agent_id=agent_id,
+            priority=priority,
+            request_func=request_func,
+            args=args,
+            kwargs=kwargs,
+            future=future
+        )
+        
+        # Add to queue
+        async with self._lock:
+            # Insert by priority
+            if priority == RequestPriority.CRITICAL:
+                self._queue.appendleft(queued)
+            else:
+                self._queue.append(queued)
+            
+            queue_size = len(self._queue)
+            if queue_size > 1 and not self._enable_verbose_logging:
+                logger.debug(f"Request queued: {request_id}, queue size: {queue_size}")
+        
+        # Start processing if not already running
+        asyncio.create_task(self._process_queue())
+        
+        # Wait for result
+        return await future
+    
+    async def _process_queue(self):
+        """Process queued requests one at a time."""
+        async with self._lock:
+            if self._is_processing:
+                return
+            self._is_processing = True
+        
+        try:
+            while True:
+                # Get next request
+                async with self._lock:
+                    if not self._queue:
+                        break
+                    request = self._queue.popleft()
+                
+                # Wait if tool is executing
+                if self._tool_executing:
+                    async with self._tool_execution_lock:
+                        pass  # Wait for tool to finish
+                
+                # Execute request with rate limiting
+                await self._execute_request(request)
+                
+        finally:
+            async with self._lock:
+                self._is_processing = False
+    
+    async def _execute_request(self, request: QueuedRequest):
+        """Execute a single request with rate limiting and retry."""
+        self._total_requests += 1
+        
+        # Adaptive delay
+        await self._apply_rate_limit_delay()
+        
+        # Try request with retry
+        last_error = None
+        for attempt in range(self._max_retries + 1):
+            try:
+                # Execute the request
+                result = await self._call_with_timeout(
+                    request.request_func,
+                    *request.args,
+                    **request.kwargs
+                )
+                
+                # Success!
+                self._successful_requests += 1
+                self._consecutive_rate_limits = 0
+                self._current_delay = self._base_delay  # Reset delay
+                
+                request.future.set_result(result)
+                return
+                
+            except Exception as e:
+                last_error = e
+                error_str = str(e).lower()
+                
+                # Check for rate limit
+                if "rate" in error_str and "limit" in error_str:
+                    self._rate_limit_hits += 1
+                    self._consecutive_rate_limits += 1
+                    self._retries += 1
+                    
+                    # Increase delay exponentially
+                    self._current_delay = min(
+                        self._current_delay * 1.5,
+                        self._max_delay
+                    )
+                    
+                    if attempt < self._max_retries:
+                        wait_time = self._rate_limit_wait * (attempt + 1)
+                        logger.warning(
+                            f"Rate limit hit (attempt {attempt + 1}/{self._max_retries + 1}), "
+                            f"waiting {wait_time}s before retry"
+                        )
+                        await asyncio.sleep(wait_time)
+                        continue
+                
+                # Other errors - log and continue to next attempt
+                if attempt < self._max_retries:
+                    logger.warning(f"Request failed (attempt {attempt + 1}): {e}")
+                    self._retries += 1
+                    await asyncio.sleep(2.0 * (attempt + 1))
+                    continue
+        
+        # All retries failed
+        request.future.set_exception(last_error or Exception("Request failed"))
+    
+    async def _call_with_timeout(self, func: Callable, *args, **kwargs) -> Any:
+        """Call function with timeout."""
+        timeout = kwargs.pop('timeout', 300)
+        
+        if asyncio.iscoroutinefunction(func):
+            return await asyncio.wait_for(func(*args, **kwargs), timeout=timeout)
+        else:
+            # Run sync function in thread
+            loop = asyncio.get_event_loop()
+            return await asyncio.wait_for(
+                loop.run_in_executor(None, lambda: func(*args, **kwargs)),
+                timeout=timeout
+            )
+    
+    async def _apply_rate_limit_delay(self):
+        """Apply intelligent rate limiting delay."""
+        now = time.time()
+        time_since_last = now - self._last_request_time
+        
+        # Calculate required delay
+        required_delay = self._current_delay - time_since_last
+        
+        if required_delay > 0:
+            # Add jitter to prevent thundering herd
+            jitter = required_delay * 0.1 * (0.5 - asyncio.get_event_loop().time() % 1)
+            total_delay = max(0, required_delay + jitter)
+            
+            if total_delay > 0.5 and not self._enable_verbose_logging:
+                logger.debug(f"Rate limiting: waiting {total_delay:.2f}s")
+            
+            await asyncio.sleep(total_delay)
+        
+        self._last_request_time = time.time()
+    
+    # Tool execution mode
+    async def enter_tool_mode(self):
+        """Enter tool-first execution mode - pause LLM calls."""
+        await self._tool_execution_lock.acquire()
+        self._tool_executing = True
+    
+    async def exit_tool_mode(self):
+        """Exit tool mode - resume LLM calls."""
+        self._tool_executing = False
+        if self._tool_execution_lock.locked():
+            self._tool_execution_lock.release()
+    
+    def is_tool_executing(self) -> bool:
+        """Check if tool is currently executing."""
+        return self._tool_executing
+    
+    # Statistics
+    def get_stats(self) -> dict[str, Any]:
+        """Get traffic controller statistics."""
+        return {
+            "total_requests": self._total_requests,
+            "successful_requests": self._successful_requests,
+            "rate_limit_hits": self._rate_limit_hits,
+            "retries": self._retries,
+            "queue_size": len(self._queue),
+            "current_delay": self._current_delay,
+            "consecutive_rate_limits": self._consecutive_rate_limits,
+            "is_processing": self._is_processing,
+            "tool_executing": self._tool_executing,
+        }
+    
+    def reset_stats(self):
+        """Reset statistics."""
+        self._total_requests = 0
+        self._successful_requests = 0
+        self._rate_limit_hits = 0
+        self._retries = 0
+    
+    def set_base_delay(self, delay: float):
+        """Set base delay between requests."""
+        self._base_delay = delay
+        self._current_delay = delay
+    
+    def set_verbose(self, enabled: bool):
+        """Enable/disable verbose logging."""
+        self._enable_verbose_logging = enabled
+
+
+# Global instance
+_controller: Optional[AdaptiveLLMController] = None
+
+
+def get_traffic_controller() -> AdaptiveLLMController:
+    """Get or create the global traffic controller."""
+    global _controller
+    if _controller is None:
+        _controller = AdaptiveLLMController()
+    return _controller
+
+
+def reset_traffic_controller():
+    """Reset the global traffic controller."""
+    global _controller
+    _controller = None
+
+
+# Convenience decorator for LLM requests
+def with_traffic_control(priority: RequestPriority = RequestPriority.NORMAL):
+    """Decorator to route LLM requests through traffic controller."""
+    def decorator(func: Callable):
+        async def wrapper(*args, agent_id: str = "unknown", **kwargs):
+            controller = get_traffic_controller()
+            return await controller.queue_request(
+                func, *args,
+                agent_id=agent_id,
+                priority=priority,
+                **kwargs
+            )
+        return wrapper
+    return decorator
+
+
+# Export confirmation
+logger.info("Adaptive LLM Traffic Control Module Loaded")

exaaiagnt/prompts/auto_loader.py

@@ -172,6 +172,44 @@ MODULE_PATTERNS = {
         "keywords": ["recon", "reconnaissance", "enumerate", "discover", "fingerprint", "osint"],
         "domain_only": True,
     },
+    
+    # React2Shell - RSC Deserialization RCE (CVE-2025-55182)
+    "react2shell": {
+        "url_patterns": [
+            r"/_next/",
+            r"/_next/static",
+            r"/_actions",
+            r"/api/",
+        ],
+        "keywords": ["react", "next.js", "nextjs", "vercel", "rsc", "server components", "app router"],
+        "header_patterns": ["x-nextjs", "x-vercel", "x-powered-by.*next"],
+    },
+    
+    # Modern JS Frameworks Security
+    "modern_js_frameworks": {
+        "url_patterns": [
+            r"/_next/",
+            r"/_nuxt/",
+            r"/_svelte",
+            r"/__remix",
+            r"/_astro/",
+        ],
+        "keywords": ["next.js", "nuxt", "sveltekit", "remix", "astro", "react", "vue", "svelte"],
+    },
+    
+    # AWS/Cloud Security
+    "aws_cloud_security": {
+        "url_patterns": [
+            r"\.amazonaws\.com",
+            r"\.s3\.",
+            r"\.azure\.",
+            r"\.blob\.core",
+            r"\.cloudfront\.",
+            r"\.appspot\.com",
+            r"\.storage\.googleapis",
+        ],
+        "keywords": ["aws", "s3", "ec2", "lambda", "azure", "gcp", "cloud", "bucket", "metadata"],
+    },
 }
 
 
@@ -179,6 +217,10 @@ def detect_modules_from_target(target: str, instruction: str = "") -> List[str]:
     """
     Automatically detect which prompt modules should be loaded based on target URL and instruction.
     
+    This function:
+    1. Checks defined patterns in MODULE_PATTERNS
+    2. Auto-discovers ALL .jinja files and matches by filename keywords
+    
     Args:
         target: The target URL or domain
         instruction: The user's instruction/task description
@@ -197,6 +239,7 @@ def detect_modules_from_target(target: str, instruction: str = "") -> List[str]:
     parsed = urlparse(target if "://" in target else f"https://{target}")
     url_path = parsed.path.lower()
     
+    # 1. Check defined patterns (MODULE_PATTERNS)
     for module_name, patterns in MODULE_PATTERNS.items():
         should_load = False
         
@@ -220,6 +263,9 @@ def detect_modules_from_target(target: str, instruction: str = "") -> List[str]:
         if should_load:
             detected_modules.add(module_name)
     
+    # 2. AUTO-DISCOVER: Scan all .jinja files and match by filename
+    detected_modules.update(_auto_discover_modules(combined_text))
+    
     # Always include base modules for comprehensive scans
     if any(kw in instruction_lower for kw in ["full", "comprehensive", "thorough", "complete"]):
         detected_modules.update(["sql_injection", "xss", "authentication_jwt"])
@@ -227,6 +273,64 @@ def detect_modules_from_target(target: str, instruction: str = "") -> List[str]:
     return list(detected_modules)
 
 
+def _auto_discover_modules(search_text: str) -> Set[str]:
+    """
+    Auto-discover modules by scanning all .jinja files and matching by filename.
+    
+    Any new .jinja file will be automatically discovered and used if its name
+    or keywords from name appear in the target/instruction.
+    
+    Example: 'react2shell.jinja' will be loaded if 'react' or 'shell' appears in target.
+    """
+    from pathlib import Path
+    
+    discovered = set()
+    prompts_dir = Path(__file__).parent
+    
+    # Get all available modules
+    for category_dir in prompts_dir.iterdir():
+        if not category_dir.is_dir() or category_dir.name.startswith("__"):
+            continue
+        
+        for jinja_file in category_dir.glob("*.jinja"):
+            module_name = jinja_file.stem  # e.g., "react2shell"
+            
+            # Skip if already in MODULE_PATTERNS (already handled)
+            if module_name in MODULE_PATTERNS:
+                continue
+            
+            # Generate keywords from filename
+            # "react2shell" -> ["react", "shell", "react2shell"]
+            # "sql_injection" -> ["sql", "injection"]
+            # "modern_js_frameworks" -> ["modern", "js", "frameworks"]
+            keywords = _extract_keywords_from_name(module_name)
+            
+            # Check if any keyword matches
+            for keyword in keywords:
+                if len(keyword) >= 3 and keyword in search_text:  # Min 3 chars to avoid false positives
+                    discovered.add(module_name)
+                    break
+    
+    return discovered
+
+
+def _extract_keywords_from_name(name: str) -> List[str]:
+    """Extract searchable keywords from a module name."""
+    keywords = [name]  # Full name
+    
+    # Split by underscore
+    parts = name.split("_")
+    keywords.extend(parts)
+    
+    # Split by numbers (react2shell -> react, shell)
+    import re
+    alpha_parts = re.split(r'\d+', name)
+    keywords.extend([p for p in alpha_parts if p])
+    
+    # Lowercase all
+    return [k.lower() for k in keywords if len(k) >= 3]
+
+
 def get_recommended_modules(target: str, instruction: str = "") -> dict:
     """
     Get recommended modules with confidence scores.