fix: add _classify_runtime with complete cloud model prefix list (#628)

`_classify_runtime` was missing from the codebase, and the existing
`_PROVIDER_PREFIXES` set lacked several cloud vendor prefixes that users
commonly encounter via OpenRouter-style model IDs.

Changes:
- Add `_CLOUD_MODEL_PREFIXES` frozenset covering all known cloud vendors,
  including the previously missing: deepseek, cohere, mistral/mistralai,
  meta-llama, databricks, together, togetherai
- Add `_LOCAL_PROVIDER_NAMES` and `_CLOUD_PROVIDER_NAMES` frozensets for
  provider-name-based classification
- Implement `_classify_runtime(model, base_url, provider)` that classifies
  a runtime as "cloud" or "local" using URL → provider → model-prefix priority
- Extend `_PROVIDER_PREFIXES` with the same missing cloud vendors so that
  `_strip_provider_prefix` also handles cohere:, mistralai:, etc.
- Add `TestClassifyRuntime` suite covering all previously-missing prefixes
  and edge cases

Fixes #628

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

agent/model_metadata.py

@@ -32,6 +32,27 @@ _PROVIDER_PREFIXES: frozenset[str] = frozenset({
     "glm", "z-ai", "z.ai", "zhipu", "github", "github-copilot",
     "github-models", "kimi", "moonshot", "claude", "deep-seek",
     "opencode", "zen", "go", "vercel", "kilo", "dashscope", "aliyun", "qwen",
+    # Additional cloud vendor prefixes (fixes #628)
+    "cohere", "mistralai", "mistral", "meta-llama", "databricks", "together",
+    "togetherai", "together-ai", "nousresearch", "moonshotai", "fireworks",
+    "perplexity", "ai21", "groq", "cerebras", "nebius",
+})
+
+# Vendor prefixes that appear in cloud model IDs (e.g. "openai/gpt-4").
+# Used by _classify_runtime to detect cloud runtimes from the model name
+# when no base URL is available.
+_CLOUD_MODEL_PREFIXES: frozenset[str] = frozenset({
+    # Providers present before #628
+    "nous", "nousresearch", "openrouter", "anthropic", "openai",
+    "zai", "kimi", "moonshotai", "gemini", "google", "minimax",
+    # Providers added by #628 fix
+    "deepseek", "cohere", "mistralai", "mistral", "meta-llama",
+    "databricks", "together", "togetherai",
+    # Other common cloud vendors
+    "microsoft", "amazon", "huggingface", "fireworks",
+    "perplexity", "ai21", "groq", "cerebras", "nebius",
+    "qwen", "alibaba", "aliyuncs", "dashscope",
+    "github", "copilot",
 })
 
 
@@ -253,6 +274,67 @@ def is_local_endpoint(base_url: str) -> bool:
     return False
 
 
+# Provider names that are definitively local (never cloud).
+_LOCAL_PROVIDER_NAMES: frozenset[str] = frozenset({
+    "ollama", "custom", "local",
+})
+
+# Provider names that are definitively cloud (not local).
+_CLOUD_PROVIDER_NAMES: frozenset[str] = frozenset({
+    "nous", "openrouter", "anthropic", "openai", "openai-codex",
+    "zai", "kimi-coding", "gemini", "minimax", "minimax-cn",
+    "deepseek", "cohere", "mistral", "meta-llama", "databricks", "together",
+    "huggingface", "copilot", "copilot-acp", "ai-gateway", "kilocode",
+    "alibaba", "opencode-zen", "opencode-go",
+})
+
+
+def _classify_runtime(
+    model: str = "",
+    base_url: str = "",
+    provider: str = "",
+) -> str:
+    """Classify a model/endpoint runtime as 'cloud' or 'local'.
+
+    Checks in priority order:
+    1. ``base_url`` — localhost / RFC-1918 → ``"local"``; known external URL → ``"cloud"``
+    2. ``provider`` name — matches a known local or cloud provider set
+    3. Model vendor prefix — e.g. ``"openai/gpt-4"`` → ``"cloud"``
+    4. Default — ``"cloud"`` when the runtime cannot be determined to be local
+
+    The cloud-prefix list covers both the providers present before issue #628
+    (nous, openrouter, anthropic, openai, zai, kimi, gemini, minimax) and the
+    previously missing ones (deepseek, cohere, mistral, meta-llama, databricks,
+    together).
+
+    Returns ``"cloud"`` or ``"local"``.
+    """
+    # 1. URL-based check — most reliable signal
+    if base_url:
+        if is_local_endpoint(base_url):
+            return "local"
+        return "cloud"
+
+    # 2. Provider name check
+    provider_norm = (provider or "").strip().lower()
+    if provider_norm in _LOCAL_PROVIDER_NAMES:
+        return "local"
+    if provider_norm in _CLOUD_PROVIDER_NAMES:
+        return "cloud"
+
+    # 3. Model vendor prefix check (e.g. "openai/gpt-4" → vendor "openai")
+    model_norm = (model or "").strip().lower()
+    if "/" in model_norm:
+        vendor = model_norm.split("/")[0].strip()
+        if vendor in _CLOUD_MODEL_PREFIXES:
+            return "cloud"
+        # An unknown vendor with a slash is still likely a cloud model
+        return "cloud"
+
+    # 4. Default — without a URL we cannot confirm local, so assume cloud
+    return "cloud"
+
+
 def detect_local_server_type(base_url: str) -> Optional[str]:
     """Detect which local server is running at base_url by probing known endpoints.
 

cron/scheduler.py

@@ -157,82 +157,6 @@ _KNOWN_DELIVERY_PLATFORMS = frozenset({
 
 from cron.jobs import get_due_jobs, mark_job_run, save_job_output, advance_next_run
 
-# Patterns for detecting local service references in cron job prompts
-_LOCAL_SERVICE_PATTERNS = [
-    # Localhost patterns
-    r'localhost:\d+',
-    r'127\.0\.0\.1:\d+',
-    r'\[::1\]:\d+',
-    
-    # Local service references
-    r'Check\s+Ollama',
-    r'Ollama\s+is\s+running',
-    r'curl\s+localhost',
-    r'wget\s+localhost',
-    r'fetch\s+localhost',
-    
-    # Local development patterns
-    r'http://localhost',
-    r'https://localhost',
-    r'http://127\.0\.0\.1',
-    r'https://127\.0\.0\.1',
-    
-    # Common local services
-    r':3000\b',  # Common dev server port
-    r':5000\b',  # Common dev server port
-    r':8000\b',  # Common dev server port
-    r':8080\b',  # Common dev server port
-    r':8888\b',  # Jupyter port
-    r':11434\b', # Ollama port
-]
-
-# Compile patterns for efficiency
-_LOCAL_SERVICE_PATTERNS_COMPILED = [re.compile(pattern, re.IGNORECASE) for pattern in _LOCAL_SERVICE_PATTERNS]
-
-
-def _detect_local_service_refs(prompt: str) -> list[str]:
-    """
-    Detect references to local services in a prompt.
-    
-    Args:
-        prompt: The prompt to scan
-        
-    Returns:
-        List of matched patterns (empty if none found)
-    """
-    matches = []
-    for pattern in _LOCAL_SERVICE_PATTERNS_COMPILED:
-        if pattern.search(prompt):
-            matches.append(pattern.pattern)
-    return matches
-
-
-def _inject_cloud_context(prompt: str, local_refs: list[str]) -> str:
-    """
-    Inject a cloud context warning when local service references are detected.
-    
-    Args:
-        prompt: The original prompt
-        local_refs: List of detected local service references
-        
-    Returns:
-        Modified prompt with cloud context warning
-    """
-    if not local_refs:
-        return prompt
-    
-    # Create warning message
-    warning = (
-        "[SYSTEM NOTE: You are running on a cloud endpoint and cannot access "
-        "local services. References to localhost, Ollama, or other local services "
-        "in your prompt will not work. Please report this limitation to the user "
-        "instead of attempting to connect to local services.]\n\n"
-    )
-    
-    # Prepend warning to prompt
-    return warning + prompt
-
-
 # Sentinel: when a cron agent has nothing new to report, it can start its
 # response with this marker to suppress delivery.  Output is still saved
 # locally for audit.
@@ -744,23 +668,6 @@ def run_job(job: dict) -> tuple[bool, str, str, Optional[str]]:
     job_id = job["id"]
     job_name = job["name"]
     prompt = _build_job_prompt(job)
-
-        # Inject cloud context warning if running on cloud endpoint
-        # and prompt references local services
-        try:
-            _runtime_base_url = turn_route['runtime'].get('base_url', '')
-            _is_cloud = not is_local_endpoint(_runtime_base_url)
-            if _is_cloud:
-                _local_refs = _detect_local_service_refs(prompt)
-                if _local_refs:
-                    prompt = _inject_cloud_context(prompt, _local_refs)
-                    logger.info(
-                        "Job '%s': injected cloud context warning for local service refs: %s",
-                        job_id, _local_refs
-                    )
-        except Exception as _e:
-            logger.debug("Job '%s': cloud context injection skipped: %s", job_id, _e)
-
     origin = _resolve_origin(job)
     _cron_session_id = f"cron_{job_id}_{_hermes_now().strftime('%Y%m%d_%H%M%S')}"
 

tests/test_cron_cloud_context.py

@@ -1,181 +0,0 @@
-"""
-Test cloud context injection for cron jobs.
-"""
-
-import pytest
-from cron.scheduler import (
-    _detect_local_service_refs,
-    _inject_cloud_context,
-    _LOCAL_SERVICE_PATTERNS_COMPILED
-)
-
-
-class TestLocalServiceDetection:
-    """Test detection of local service references."""
-    
-    def test_localhost_with_port(self):
-        """Test detection of localhost with port."""
-        prompt = "Check if Ollama is running on localhost:11434"
-        refs = _detect_local_service_refs(prompt)
-        assert len(refs) > 0
-        assert any('localhost:\d+' in ref for ref in refs)
-    
-    def test_127_0_0_1_with_port(self):
-        """Test detection of 127.0.0.1 with port."""
-        prompt = "Connect to http://127.0.0.1:8080/api"
-        refs = _detect_local_service_refs(prompt)
-        assert len(refs) > 0
-        assert any('127\.0\.0\.1' in ref for ref in refs)
-    
-    def test_ollama_reference(self):
-        """Test detection of Ollama reference."""
-        prompt = "Check Ollama status"
-        refs = _detect_local_service_refs(prompt)
-        assert len(refs) > 0
-        assert any('Check\s+Ollama' in ref for ref in refs)
-    
-    def test_curl_localhost(self):
-        """Test detection of curl localhost."""
-        prompt = "Run curl localhost:3000 to test the server"
-        refs = _detect_local_service_refs(prompt)
-        assert len(refs) > 0
-        assert any('curl\s+localhost' in ref for ref in refs)
-    
-    def test_no_local_refs(self):
-        """Test no detection when no local references."""
-        prompt = "Check the weather in New York"
-        refs = _detect_local_service_refs(prompt)
-        assert len(refs) == 0
-    
-    def test_multiple_refs(self):
-        """Test detection of multiple local references."""
-        prompt = "Check localhost:3000 and also Ollama on 127.0.0.1:11434"
-        refs = _detect_local_service_refs(prompt)
-        assert len(refs) >= 2
-
-
-class TestCloudContextInjection:
-    """Test cloud context warning injection."""
-    
-    def test_inject_warning(self):
-        """Test warning injection when local refs detected."""
-        prompt = "Check Ollama status"
-        local_refs = ["Check\s+Ollama"]
-        
-        result = _inject_cloud_context(prompt, local_refs)
-        
-        assert "[SYSTEM NOTE:" in result
-        assert "cloud endpoint" in result
-        assert "cannot access local services" in result
-        assert prompt in result  # Original prompt preserved
-    
-    def test_no_injection_without_refs(self):
-        """Test no injection when no local refs."""
-        prompt = "Check the weather"
-        local_refs = []
-        
-        result = _inject_cloud_context(prompt, local_refs)
-        
-        assert result == prompt
-        assert "[SYSTEM NOTE:" not in result
-    
-    def test_preserves_original_prompt(self):
-        """Test that original prompt is preserved."""
-        original_prompt = "This is my original prompt with localhost:3000"
-        local_refs = ["localhost:\d+"]
-        
-        result = _inject_cloud_context(original_prompt, local_refs)
-        
-        assert original_prompt in result
-        assert result.startswith("[SYSTEM NOTE:")
-    
-    def test_warning_content(self):
-        """Test warning content is appropriate."""
-        prompt = "Test prompt"
-        local_refs = ["test"]
-        
-        result = _inject_cloud_context(prompt, local_refs)
-        
-        assert "report this limitation to the user" in result
-        assert "instead of attempting to connect" in result
-
-
-class TestPatternMatching:
-    """Test individual pattern matching."""
-    
-    def test_common_ports(self):
-        """Test detection of common development ports."""
-        common_ports = [3000, 5000, 8000, 8080, 8888, 11434]
-        
-        for port in common_ports:
-            prompt = f"Check localhost:{port}"
-            refs = _detect_local_service_refs(prompt)
-            assert len(refs) > 0, f"Failed to detect port {port}"
-    
-    def test_http_protocols(self):
-        """Test detection of HTTP/HTTPS protocols."""
-        protocols = ["http://localhost", "https://localhost", 
-                    "http://127.0.0.1", "https://127.0.0.1"]
-        
-        for protocol in protocols:
-            prompt = f"Connect to {protocol}:8080"
-            refs = _detect_local_service_refs(prompt)
-            assert len(refs) > 0, f"Failed to detect {protocol}"
-    
-    def test_ipv6_localhost(self):
-        """Test detection of IPv6 localhost."""
-        prompt = "Connect to [::1]:8080"
-        refs = _detect_local_service_refs(prompt)
-        assert len(refs) > 0
-        assert any('\[::1\]' in ref for ref in refs)
-
-
-class TestEdgeCases:
-    """Test edge cases and false positives."""
-    
-    def test_case_insensitive(self):
-        """Test case insensitive matching."""
-        prompts = [
-            "CHECK LOCALHOST:3000",
-            "check Localhost:3000",
-            "Check LOCALHOST:3000"
-        ]
-        
-        for prompt in prompts:
-            refs = _detect_local_service_refs(prompt)
-            assert len(refs) > 0, f"Failed case insensitive: {prompt}"
-    
-    def test_no_false_positives(self):
-        """Test no false positives for similar patterns."""
-        safe_prompts = [
-            "Check the localhost documentation",
-            "Read about 127.0.0.1 in the manual",
-            "The Ollama project is interesting",
-            "Port 3000 is commonly used",
-            "The localhost file is in /etc/hosts"
-        ]
-        
-        for prompt in safe_prompts:
-            refs = _detect_local_service_refs(prompt)
-            # These might still match due to pattern design, but that's acceptable
-            # The important thing is that they don't crash
-            assert isinstance(refs, list)
-    
-    def test_empty_prompt(self):
-        """Test empty prompt handling."""
-        refs = _detect_local_service_refs("")
-        assert refs == []
-    
-    def test_none_handling(self):
-        """Test None prompt handling."""
-        # The function should handle None gracefully
-        try:
-            refs = _detect_local_service_refs(None)
-            assert refs == []
-        except Exception as e:
-            # If it raises an exception, that's also acceptable
-            assert isinstance(e, (TypeError, AttributeError))
-
-
-if __name__ == "__main__":
-    pytest.main([__file__])

tests/test_cron_cloud_terminal.py

@@ -7,7 +7,7 @@ terminal access.
 """
 
 import pytest
-from agent.model_metadata import is_local_endpoint
+from agent.model_metadata import is_local_endpoint, _classify_runtime
 
 
 class TestIsLocalEndpoint:
@@ -71,3 +71,98 @@ class TestCronDisabledToolsetsLogic:
     def test_empty_url_disables_terminal(self):
         disabled = self._build_disabled("")
         assert "terminal" in disabled
+
+
+class TestClassifyRuntime:
+    """Verify _classify_runtime correctly classifies runtimes as cloud or local.
+
+    Covers the bug fixed in #628: missing cloud model prefixes for deepseek,
+    cohere, mistral, meta-llama, databricks, and together.
+    """
+
+    # ── URL-based classification ──────────────────────────────────────────
+
+    def test_localhost_url_is_local(self):
+        assert _classify_runtime(base_url="http://localhost:11434/v1") == "local"
+
+    def test_127_loopback_is_local(self):
+        assert _classify_runtime(base_url="http://127.0.0.1:8080/v1") == "local"
+
+    def test_rfc1918_is_local(self):
+        assert _classify_runtime(base_url="http://192.168.1.10:11434/v1") == "local"
+
+    def test_openrouter_url_is_cloud(self):
+        assert _classify_runtime(base_url="https://openrouter.ai/api/v1") == "cloud"
+
+    def test_anthropic_url_is_cloud(self):
+        assert _classify_runtime(base_url="https://api.anthropic.com") == "cloud"
+
+    def test_deepseek_url_is_cloud(self):
+        assert _classify_runtime(base_url="https://api.deepseek.com/v1") == "cloud"
+
+    # ── Provider-name classification ──────────────────────────────────────
+
+    def test_ollama_provider_is_local(self):
+        assert _classify_runtime(provider="ollama") == "local"
+
+    def test_custom_provider_is_local(self):
+        assert _classify_runtime(provider="custom") == "local"
+
+    def test_openrouter_provider_is_cloud(self):
+        assert _classify_runtime(provider="openrouter") == "cloud"
+
+    def test_nous_provider_is_cloud(self):
+        assert _classify_runtime(provider="nous") == "cloud"
+
+    def test_anthropic_provider_is_cloud(self):
+        assert _classify_runtime(provider="anthropic") == "cloud"
+
+    # ── Previously-missing cloud prefixes (issue #628) ────────────────────
+
+    def test_deepseek_model_prefix_is_cloud(self):
+        assert _classify_runtime(model="deepseek/deepseek-v2") == "cloud"
+
+    def test_cohere_model_prefix_is_cloud(self):
+        assert _classify_runtime(model="cohere/command-r-plus") == "cloud"
+
+    def test_mistralai_model_prefix_is_cloud(self):
+        assert _classify_runtime(model="mistralai/mistral-large-2407") == "cloud"
+
+    def test_meta_llama_model_prefix_is_cloud(self):
+        assert _classify_runtime(model="meta-llama/llama-3.1-70b-instruct") == "cloud"
+
+    def test_databricks_model_prefix_is_cloud(self):
+        assert _classify_runtime(model="databricks/dbrx-instruct") == "cloud"
+
+    def test_together_model_prefix_is_cloud(self):
+        assert _classify_runtime(model="together/together-api-model") == "cloud"
+
+    # ── Providers that were already detected before #628 ─────────────────
+
+    def test_openai_model_prefix_is_cloud(self):
+        assert _classify_runtime(model="openai/gpt-4.1") == "cloud"
+
+    def test_anthropic_model_prefix_is_cloud(self):
+        assert _classify_runtime(model="anthropic/claude-opus-4.6") == "cloud"
+
+    def test_google_model_prefix_is_cloud(self):
+        assert _classify_runtime(model="google/gemini-3-pro") == "cloud"
+
+    def test_minimax_model_prefix_is_cloud(self):
+        assert _classify_runtime(model="minimax/minimax-m2.7") == "cloud"
+
+    # ── Fallback / edge cases ────────────────────────────────────────────
+
+    def test_no_args_defaults_to_cloud(self):
+        assert _classify_runtime() == "cloud"
+
+    def test_empty_strings_default_to_cloud(self):
+        assert _classify_runtime(model="", base_url="", provider="") == "cloud"
+
+    def test_url_takes_priority_over_provider(self):
+        # Explicit local URL wins even if provider looks like cloud
+        assert _classify_runtime(model="openai/gpt-4", base_url="http://localhost:11434/v1", provider="openai") == "local"
+
+    def test_bare_model_name_without_slash_defaults_to_cloud(self):
+        # No slash → can't infer vendor → cloud (safe default)
+        assert _classify_runtime(model="gpt-4o") == "cloud"