Add Cybersecurity PoC Agent Notebook #688
Conversation
WalkthroughTwo new Jupyter notebook examples are introduced. The first demonstrates a bilingual AI chatbot for Chilean government services using translation and Firecrawl API search. The second presents an automated agent workflow for cybersecurity, simulating the extraction and validation of Proof-of-Concept exploits for CVEs with dummy agent classes and a sample flow. Changes
Sequence Diagram(s)sequenceDiagram
participant User
participant Chatbot
participant FirecrawlTool
participant Translator
User->>Chatbot: Enter query (English)
Chatbot->>Translator: Translate to Spanish
Translator-->>Chatbot: Query (Spanish)
Chatbot->>FirecrawlTool: Search ChileAtiende with query
FirecrawlTool-->>Chatbot: Results (Spanish)
Chatbot->>Translator: Translate results to English
Translator-->>Chatbot: Results (English)
Chatbot->>User: Display answer or ask for rephrasing
sequenceDiagram
participant User
participant run_pocky_for_cve
participant AttackIntentAgent
participant ValidationAgent
User->>run_pocky_for_cve: Provide CVE ID
run_pocky_for_cve->>AttackIntentAgent: Extract attack intent from CVE description
AttackIntentAgent-->>run_pocky_for_cve: Attack intent
run_pocky_for_cve->>ValidationAgent: Validate PoC against attack intent
ValidationAgent-->>run_pocky_for_cve: Validation result
run_pocky_for_cve->>User: Output result
Suggested labels
Poem
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
SupportNeed help? Create a ticket on our support page for assistance with any issues or questions. Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Summary of Changes
Hello @Dhivya-Bharathy, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
This pull request primarily aims to add a Google Colab notebook for the Pocky CVE PoC Query Tool, enabling automated search and validation of CVE proof-of-concept exploits. Additionally, it introduces another Google Colab notebook that functions as an AI chatbot for Chilean government services.
Highlights
- New Pocky CVE PoC Agent Notebook: Introduces
examples/cookbooks/Pocky_Cybersecurity_PoC_Agent.ipynb, a Google Colab notebook designed to automate the search, analysis, and validation of CVE Proof-of-Concept (PoC) exploits. - Automated PoC Validation Workflow: The Pocky notebook includes a workflow for setting up API keys (Exa, OpenAI), defining dummy agent classes for intent extraction and validation, and demonstrating how to query and validate a CVE PoC.
- New Chile Government Services Assistant Notebook: Adds
examples/cookbooks/Chile_Government_Services_Assistant.ipynb, a Google Colab notebook that provides an AI chatbot for answering questions about Chilean government services. - Multi-language AI Chatbot: The Chile Government Services Assistant notebook features integration with the Firecrawl API for searching and
deep_translatorfor real-time English-Spanish translation of user queries and search results.
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.
| Feature | Command | Description |
|---|---|---|
| Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
| Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
| Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in issue comments and review comments. |
| Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #688 +/- ##
=======================================
Coverage 14.50% 14.50%
=======================================
Files 25 25
Lines 2517 2517
Branches 357 357
=======================================
Hits 365 365
Misses 2136 2136
Partials 16 16
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
There was a problem hiding this comment.
Code Review
The pull request adds two new Google Colab notebooks, one for a Chile Government Services Assistant and another for a Pocky Cybersecurity PoC Agent. The review identified a medium severity issue in both notebooks related to the insecure handling of API keys, where they are hardcoded directly in the notebook. This could lead to exposure of sensitive information if the notebook is shared or made public. The review suggests using a more secure method for handling API keys, such as storing them in a dedicated secrets management system or using environment variables in a more robust way.
| "os.environ['FIRECRAWL_API_KEY'] = \"your api key here\"\n", | ||
| "os.environ['OPENAI_API_KEY'] = \"your api key here\"" |
There was a problem hiding this comment.
Consider using a more secure method for handling API keys, such as storing them in a dedicated secrets management system or using environment variables in a more robust way that avoids hardcoding them directly in the notebook. This is especially important if the notebook is shared or made public. This is a medium severity issue because it exposes sensitive information.
os.environ['FIRECRAWL_API_KEY'] = os.getenv('FIRECRAWL_API_KEY', 'your api key here')
os.environ['OPENAI_API_KEY'] = os.getenv('OPENAI_API_KEY', 'your api key here')
| "os.environ[\"EXA_API_KEY\"] = \"your api key\"\n", | ||
| "os.environ[\"OPENAI_API_KEY\"] = \"your api key\"\n", | ||
| "os.environ[\"OPENAI_BASE_URL\"] = \"https://api.openai.com/v1\" # Optional, for custom OpenAI endpoints" |
There was a problem hiding this comment.
Consider using a more secure method for handling API keys, such as storing them in a dedicated secrets management system or using environment variables in a more robust way that avoids hardcoding them directly in the notebook. This is especially important if the notebook is shared or made public. This is a medium severity issue because it exposes sensitive information.
os.environ["EXA_API_KEY"] = os.getenv("EXA_API_KEY", "your api key")
os.environ["OPENAI_API_KEY"] = os.getenv("OPENAI_API_KEY", "your api key")
os.environ["OPENAI_BASE_URL"] = os.getenv("OPENAI_BASE_URL", "https://api.openai.com/v1") # Optional, for custom OpenAI endpoints
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 5
🧹 Nitpick comments (3)
examples/cookbooks/Chile_Government_Services_Assistant.ipynb (3)
94-109: Translation functions need improvement.The translation functions have basic error handling but could be more robust and informative.
Enhanced error handling and validation:
def translate_to_spanish(text): + if not text or not text.strip(): + return text try: return GoogleTranslator(source='auto', target='es').translate(text) except Exception as e: - print("Translation to Spanish failed:", e) + print(f"Translation to Spanish failed: {e}") return text def translate_to_english(text): + if not text or not text.strip(): + return text try: # Remove Markdown images and None values before translation text = str(text).replace("None", "") text = re.sub(r'!\[.*?\]\(.*?\)', '', text) + # Also remove HTML tags that might interfere + text = re.sub(r'<[^>]+>', '', text) return GoogleTranslator(source='auto', target='en').translate(text) except Exception as e: - print("Translation to English failed:", e) + print(f"Translation to English failed: {e}") return text
150-153: URL filtering is too restrictive.The current filtering only allows URLs starting with a very specific pattern and excludes PDFs entirely. This might miss relevant government information.
Consider more flexible filtering:
filtered_results = [ result for result in search_result.data - if str(result.get("url", "")).startswith("https://www.chileatiende.gob.cl/fichas") and not str(result.get("url", "")).endswith("pdf") + if ("chileatiende.gob.cl" in str(result.get("url", "")) or + "gob.cl" in str(result.get("url", ""))) and + not str(result.get("url", "")).endswith("pdf") ]
131-135: Missing API key validation in FirecrawlTool initialization.The constructor checks for API key presence but doesn't validate if the tool can actually connect to the service.
Add connection validation:
def __init__(self, api_key, instruction: str, template: str): if not api_key: raise ValueError("Firecrawl API key not provided.") + if api_key == "your api key here": + raise ValueError("Please replace the placeholder API key with your actual Firecrawl API key.") self.app = FirecrawlApp(api_key=api_key) self.instruction = instruction self.template = template + # Test connection (optional) + try: + # Simple test search to validate API key + test_result = self.app.search(query="test", limit=1) + except Exception as e: + print(f"Warning: Could not validate Firecrawl API key: {e}")
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
examples/cookbooks/Chile_Government_Services_Assistant.ipynb(1 hunks)examples/cookbooks/Pocky_Cybersecurity_PoC_Agent.ipynb(1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms (5)
- GitHub Check: test-examples
- GitHub Check: performance-test
- GitHub Check: test-core (3.11)
- GitHub Check: quick-test
- GitHub Check: Run tests and collect coverage
| "class ValidationAgent:\n", | ||
| " def __init__(self, input_json):\n", | ||
| " self.input_json = input_json\n", | ||
| " def run(self):\n", | ||
| " # Dummy validation logic for notebook demo\n", | ||
| " data = json.loads(self.input_json)\n", | ||
| " return True if \"attack_intent\" in data and \"poc_sample\" in data else False\n", | ||
| "\n", | ||
| "class AttackIntentAgent:\n", | ||
| " def __init__(self, description):\n", | ||
| " self.description = description\n", | ||
| " def run(self):\n", | ||
| " # Dummy intent extraction for notebook demo\n", | ||
| " return f\"Intent for: {self.description[:50]}...\"" |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Dummy agent classes lack real functionality.
The current dummy implementations are too simplistic for a meaningful demonstration. The ValidationAgent only checks for key existence, and AttackIntentAgent returns a truncated string.
Consider implementing more realistic functionality:
class ValidationAgent:
def __init__(self, input_json):
self.input_json = input_json
+ self.client = OpenAI()
def run(self):
- # Dummy validation logic for notebook demo
data = json.loads(self.input_json)
- return True if "attack_intent" in data and "poc_sample" in data else False
+ if not ("attack_intent" in data and "poc_sample" in data):
+ return False
+
+ # Use the validation prompt with actual OpenAI API
+ try:
+ response = self.client.chat.completions.create(
+ model="gpt-3.5-turbo",
+ messages=[
+ {"role": "system", "content": validation_prompt},
+ {"role": "user", "content": self.input_json}
+ ]
+ )
+ result = json.loads(response.choices[0].message.content)
+ return result.get("valid", False)
+ except Exception as e:
+ print(f"Validation error: {e}")
+ return False
class AttackIntentAgent:
def __init__(self, description):
self.description = description
+ self.client = OpenAI()
def run(self):
- # Dummy intent extraction for notebook demo
- return f"Intent for: {self.description[:50]}..."
+ try:
+ response = self.client.chat.completions.create(
+ model="gpt-3.5-turbo",
+ messages=[
+ {"role": "system", "content": "Extract and describe the attack intent from this CVE description."},
+ {"role": "user", "content": self.description}
+ ]
+ )
+ return response.choices[0].message.content
+ except Exception as e:
+ print(f"Intent extraction error: {e}")
+ return f"Error extracting intent: {e}"Committable suggestion skipped: line range outside the PR's diff.
🤖 Prompt for AI Agents
In examples/cookbooks/Pocky_Cybersecurity_PoC_Agent.ipynb around lines 105 to
118, the ValidationAgent and AttackIntentAgent classes have overly simplistic
dummy implementations that do not provide meaningful validation or intent
extraction. Enhance ValidationAgent to perform deeper validation of the input
JSON structure and content beyond just key existence, and improve
AttackIntentAgent to analyze the description text more thoroughly to extract or
infer a plausible attack intent rather than returning a simple truncated string.
| "# Set your API keys here (replace with your actual keys)\n", | ||
| "os.environ[\"EXA_API_KEY\"] = \"your api key\"\n", | ||
| "os.environ[\"OPENAI_API_KEY\"] = \"your api key\"\n", | ||
| "os.environ[\"OPENAI_BASE_URL\"] = \"https://api.openai.com/v1\" # Optional, for custom OpenAI endpoints" |
There was a problem hiding this comment.
Security risk: Hardcoded API key placeholders.
The hardcoded placeholder API keys pose a security risk and usability issue. Users might accidentally commit real keys or forget to replace them.
Consider this improvement:
-# Set your API keys here (replace with your actual keys)
-os.environ["EXA_API_KEY"] = "your api key"
-os.environ["OPENAI_API_KEY"] = "your api key"
-os.environ["OPENAI_BASE_URL"] = "https://api.openai.com/v1" # Optional, for custom OpenAI endpoints
+# Set your API keys here
+from getpass import getpass
+
+if not os.environ.get("EXA_API_KEY"):
+ os.environ["EXA_API_KEY"] = getpass("Enter your EXA API key: ")
+if not os.environ.get("OPENAI_API_KEY"):
+ os.environ["OPENAI_API_KEY"] = getpass("Enter your OpenAI API key: ")
+os.environ["OPENAI_BASE_URL"] = "https://api.openai.com/v1" # Optional, for custom OpenAI endpoints📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| "# Set your API keys here (replace with your actual keys)\n", | |
| "os.environ[\"EXA_API_KEY\"] = \"your api key\"\n", | |
| "os.environ[\"OPENAI_API_KEY\"] = \"your api key\"\n", | |
| "os.environ[\"OPENAI_BASE_URL\"] = \"https://api.openai.com/v1\" # Optional, for custom OpenAI endpoints" | |
| # Set your API keys here | |
| from getpass import getpass | |
| if not os.environ.get("EXA_API_KEY"): | |
| os.environ["EXA_API_KEY"] = getpass("Enter your EXA API key: ") | |
| if not os.environ.get("OPENAI_API_KEY"): | |
| os.environ["OPENAI_API_KEY"] = getpass("Enter your OpenAI API key: ") | |
| os.environ["OPENAI_BASE_URL"] = "https://api.openai.com/v1" # Optional, for custom OpenAI endpoints |
🤖 Prompt for AI Agents
In examples/cookbooks/Pocky_Cybersecurity_PoC_Agent.ipynb around lines 77 to 80,
the API keys are hardcoded as placeholder strings, which risks accidental
exposure or misuse. Replace these hardcoded assignments by prompting users to
set their API keys externally, such as through environment variables or a secure
configuration file, and update the code to read the keys from those secure
sources instead of embedding them directly.
| "def run_pocky_for_cve(cve_id):\n", | ||
| " # Example: Simulate fetching a description and PoC (replace with real logic)\n", | ||
| " description = f\"Description for {cve_id} (replace with real Exa/OpenAI search)\"\n", | ||
| " poc_sample = f\"PoC code for {cve_id} (replace with real PoC search)\"\n", | ||
| "\n", | ||
| " # Stage 2: Attack Intent\n", | ||
| " intent = AttackIntentAgent(description).run()\n", | ||
| " print(f\"Attack Intent: {intent}\")\n", | ||
| "\n", | ||
| " # Stage 3: Validation\n", | ||
| " validation_input = json.dumps({\"attack_intent\": intent, \"poc_sample\": poc_sample}, indent=2)\n", | ||
| " valid = ValidationAgent(validation_input).run()\n", | ||
| " print(f\"Validation Result: {valid}\")\n", | ||
| " if valid:\n", | ||
| " print(f\"PoC for {cve_id} is valid and ready to use.\")\n", | ||
| " else:\n", | ||
| " print(f\"PoC for {cve_id} failed validation.\")" |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Main function lacks real CVE data integration.
The function uses placeholder strings instead of integrating with the installed dependencies (exa-py, requests) to fetch real CVE data.
Implement real CVE data fetching:
def run_pocky_for_cve(cve_id):
- # Example: Simulate fetching a description and PoC (replace with real logic)
- description = f"Description for {cve_id} (replace with real Exa/OpenAI search)"
- poc_sample = f"PoC code for {cve_id} (replace with real PoC search)"
+ # Fetch CVE description from public sources
+ try:
+ import requests
+ cve_response = requests.get(f"https://cve.circl.lu/api/cve/{cve_id}")
+ if cve_response.status_code == 200:
+ cve_data = cve_response.json()
+ description = cve_data.get('summary', f'No description found for {cve_id}')
+ else:
+ description = f"Could not fetch description for {cve_id}"
+
+ # Use Exa to search for PoC samples
+ exa = Exa(api_key=os.environ.get("EXA_API_KEY"))
+ search_results = exa.search(
+ f"{cve_id} proof of concept exploit github",
+ num_results=3,
+ include_domains=["github.com", "exploit-db.com"]
+ )
+ poc_sample = search_results.results[0].text if search_results.results else "No PoC found"
+
+ except Exception as e:
+ print(f"Error fetching data: {e}")
+ description = f"Error fetching description for {cve_id}"
+ poc_sample = "Error fetching PoC"📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| "def run_pocky_for_cve(cve_id):\n", | |
| " # Example: Simulate fetching a description and PoC (replace with real logic)\n", | |
| " description = f\"Description for {cve_id} (replace with real Exa/OpenAI search)\"\n", | |
| " poc_sample = f\"PoC code for {cve_id} (replace with real PoC search)\"\n", | |
| "\n", | |
| " # Stage 2: Attack Intent\n", | |
| " intent = AttackIntentAgent(description).run()\n", | |
| " print(f\"Attack Intent: {intent}\")\n", | |
| "\n", | |
| " # Stage 3: Validation\n", | |
| " validation_input = json.dumps({\"attack_intent\": intent, \"poc_sample\": poc_sample}, indent=2)\n", | |
| " valid = ValidationAgent(validation_input).run()\n", | |
| " print(f\"Validation Result: {valid}\")\n", | |
| " if valid:\n", | |
| " print(f\"PoC for {cve_id} is valid and ready to use.\")\n", | |
| " else:\n", | |
| " print(f\"PoC for {cve_id} failed validation.\")" | |
| def run_pocky_for_cve(cve_id): | |
| # Fetch CVE description from public sources | |
| try: | |
| import requests | |
| cve_response = requests.get(f"https://cve.circl.lu/api/cve/{cve_id}") | |
| if cve_response.status_code == 200: | |
| cve_data = cve_response.json() | |
| description = cve_data.get('summary', f'No description found for {cve_id}') | |
| else: | |
| description = f"Could not fetch description for {cve_id}" | |
| # Use Exa to search for PoC samples | |
| exa = Exa(api_key=os.environ.get("EXA_API_KEY")) | |
| search_results = exa.search( | |
| f"{cve_id} proof of concept exploit github", | |
| num_results=3, | |
| include_domains=["github.com", "exploit-db.com"] | |
| ) | |
| poc_sample = search_results.results[0].text if search_results.results else "No PoC found" | |
| except Exception as e: | |
| print(f"Error fetching data: {e}") | |
| description = f"Error fetching description for {cve_id}" | |
| poc_sample = "Error fetching PoC" | |
| # Stage 2: Attack Intent | |
| intent = AttackIntentAgent(description).run() | |
| print(f"Attack Intent: {intent}") | |
| # Stage 3: Validation | |
| validation_input = json.dumps({"attack_intent": intent, "poc_sample": poc_sample}, indent=2) | |
| valid = ValidationAgent(validation_input).run() | |
| print(f"Validation Result: {valid}") | |
| if valid: | |
| print(f"PoC for {cve_id} is valid and ready to use.") | |
| else: | |
| print(f"PoC for {cve_id} failed validation.") |
🤖 Prompt for AI Agents
In examples/cookbooks/Pocky_Cybersecurity_PoC_Agent.ipynb around lines 174 to
190, the run_pocky_for_cve function uses placeholder strings instead of fetching
real CVE data. Replace the placeholder description and PoC sample with actual
data retrieval logic by using the installed dependencies like exa-py or requests
to query a CVE database or API. Ensure the function fetches real CVE
descriptions and PoC code dynamically before proceeding with the attack intent
and validation stages.
| "os.environ['FIRECRAWL_API_KEY'] = \"your api key here\"\n", | ||
| "os.environ['OPENAI_API_KEY'] = \"your api key here\"" |
There was a problem hiding this comment.
Security risk: Hardcoded API key placeholders.
Similar to the other notebook, hardcoded placeholder API keys create security and usability risks.
Apply the same secure approach:
-os.environ['FIRECRAWL_API_KEY'] = "your api key here"
-os.environ['OPENAI_API_KEY'] = "your api key here"
+from getpass import getpass
+
+if not os.environ.get('FIRECRAWL_API_KEY'):
+ os.environ['FIRECRAWL_API_KEY'] = getpass("Enter your Firecrawl API key: ")
+if not os.environ.get('OPENAI_API_KEY'):
+ os.environ['OPENAI_API_KEY'] = getpass("Enter your OpenAI API key: ")📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| "os.environ['FIRECRAWL_API_KEY'] = \"your api key here\"\n", | |
| "os.environ['OPENAI_API_KEY'] = \"your api key here\"" | |
| from getpass import getpass | |
| if not os.environ.get('FIRECRAWL_API_KEY'): | |
| os.environ['FIRECRAWL_API_KEY'] = getpass("Enter your Firecrawl API key: ") | |
| if not os.environ.get('OPENAI_API_KEY'): | |
| os.environ['OPENAI_API_KEY'] = getpass("Enter your OpenAI API key: ") |
🤖 Prompt for AI Agents
In examples/cookbooks/Chile_Government_Services_Assistant.ipynb at lines 69-70,
the API keys are hardcoded as placeholders in the environment variables, which
poses security risks. Remove these hardcoded strings and instead instruct users
to set their API keys securely outside the notebook, such as through environment
variables in their system or a secure secrets manager, and access them
dynamically within the code.
| "while True:\n", | ||
| " user_input = input(\"\\nYou: \")\n", | ||
| " if user_input.lower() in [\"exit\", \"quit\"]:\n", | ||
| " print(\"Tomás: It was a pleasure to help you. Goodbye!\")\n", | ||
| " break\n", | ||
| "\n", | ||
| " # Translate English input to Spanish for Firecrawl\n", | ||
| " spanish_query = translate_to_spanish(user_input)\n", | ||
| " spanish_answer = firecrawl_tool.search(spanish_query)\n", | ||
| "\n", | ||
| " # Only translate if we got a real answer\n", | ||
| " if spanish_answer and isinstance(spanish_answer, str) and spanish_answer.strip() and \"Error\" not in spanish_answer:\n", | ||
| " try:\n", | ||
| " english_answer = translate_to_english(spanish_answer)\n", | ||
| " print(\"\\nTomás (in English):\\n\", english_answer)\n", | ||
| " except Exception as e:\n", | ||
| " print(f\"\\nTomás: I found information, but couldn't translate it. Here it is in Spanish:\\n{spanish_answer}\\n(Translation error: {e})\")\n", | ||
| " else:\n", | ||
| " print(\"\\nTomás: Sorry, I couldn't find relevant information. Try rephrasing your question or ask about another service.\")" |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Chat loop lacks comprehensive error handling.
The main chat loop doesn't handle potential exceptions from API calls, which could crash the entire interaction.
Add proper error handling:
while True:
- user_input = input("\nYou: ")
+ try:
+ user_input = input("\nYou: ")
+ except (KeyboardInterrupt, EOFError):
+ print("\nTomás: It was a pleasure to help you. Goodbye!")
+ break
+
if user_input.lower() in ["exit", "quit"]:
print("Tomás: It was a pleasure to help you. Goodbye!")
break
- # Translate English input to Spanish for Firecrawl
- spanish_query = translate_to_spanish(user_input)
- spanish_answer = firecrawl_tool.search(spanish_query)
+ try:
+ # Translate English input to Spanish for Firecrawl
+ spanish_query = translate_to_spanish(user_input)
+ spanish_answer = firecrawl_tool.search(spanish_query)
+ except Exception as e:
+ print(f"\nTomás: Sorry, I encountered an error while searching: {e}")
+ continue
# Only translate if we got a real answer
if spanish_answer and isinstance(spanish_answer, str) and spanish_answer.strip() and "Error" not in spanish_answer:
try:
english_answer = translate_to_english(spanish_answer)
print("\nTomás (in English):\n", english_answer)
except Exception as e:
print(f"\nTomás: I found information, but couldn't translate it. Here it is in Spanish:\n{spanish_answer}\n(Translation error: {e})")
else:
print("\nTomás: Sorry, I couldn't find relevant information. Try rephrasing your question or ask about another service.")📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| "while True:\n", | |
| " user_input = input(\"\\nYou: \")\n", | |
| " if user_input.lower() in [\"exit\", \"quit\"]:\n", | |
| " print(\"Tomás: It was a pleasure to help you. Goodbye!\")\n", | |
| " break\n", | |
| "\n", | |
| " # Translate English input to Spanish for Firecrawl\n", | |
| " spanish_query = translate_to_spanish(user_input)\n", | |
| " spanish_answer = firecrawl_tool.search(spanish_query)\n", | |
| "\n", | |
| " # Only translate if we got a real answer\n", | |
| " if spanish_answer and isinstance(spanish_answer, str) and spanish_answer.strip() and \"Error\" not in spanish_answer:\n", | |
| " try:\n", | |
| " english_answer = translate_to_english(spanish_answer)\n", | |
| " print(\"\\nTomás (in English):\\n\", english_answer)\n", | |
| " except Exception as e:\n", | |
| " print(f\"\\nTomás: I found information, but couldn't translate it. Here it is in Spanish:\\n{spanish_answer}\\n(Translation error: {e})\")\n", | |
| " else:\n", | |
| " print(\"\\nTomás: Sorry, I couldn't find relevant information. Try rephrasing your question or ask about another service.\")" | |
| while True: | |
| try: | |
| user_input = input("\nYou: ") | |
| except (KeyboardInterrupt, EOFError): | |
| print("\nTomás: It was a pleasure to help you. Goodbye!") | |
| break | |
| if user_input.lower() in ["exit", "quit"]: | |
| print("Tomás: It was a pleasure to help you. Goodbye!") | |
| break | |
| try: | |
| # Translate English input to Spanish for Firecrawl | |
| spanish_query = translate_to_spanish(user_input) | |
| spanish_answer = firecrawl_tool.search(spanish_query) | |
| except Exception as e: | |
| print(f"\nTomás: Sorry, I encountered an error while searching: {e}") | |
| continue | |
| # Only translate if we got a real answer | |
| if spanish_answer and isinstance(spanish_answer, str) and spanish_answer.strip() and "Error" not in spanish_answer: | |
| try: | |
| english_answer = translate_to_english(spanish_answer) | |
| print("\nTomás (in English):\n", english_answer) | |
| except Exception as e: | |
| print( | |
| f"\nTomás: I found information, but couldn't translate it. " | |
| f"Here it is in Spanish:\n{spanish_answer}\n(Translation error: {e})" | |
| ) | |
| else: | |
| print( | |
| "\nTomás: Sorry, I couldn't find relevant information. " | |
| "Try rephrasing your question or ask about another service." | |
| ) |
🤖 Prompt for AI Agents
In examples/cookbooks/Chile_Government_Services_Assistant.ipynb around lines 264
to 282, the main chat loop lacks error handling for API calls like
translate_to_spanish, firecrawl_tool.search, and translate_to_english, risking
crashes. Wrap the entire loop body inside a try-except block to catch exceptions
from these calls, and in the except block, print a user-friendly error message
and continue the loop to maintain interaction stability.
Dhivya-Bharathy
changed the title
Adds a Google Colab notebook for the Pocky CVE PoC Query Tool.
Enables automated search and validation of CVE proof-of-concept exploits.
Includes API key setup, core logic, and a sample validation workflow.
Summary by CodeRabbit