[P0] Add kimi-coding fallback for Timmy and Ezra when Anthropic quota limited (Issue #186) #78

Closed
allegro wants to merge 0 commits from security/v-011-skills-guard-bypass into main
Member

Summary

This PR implements automatic fallback to kimi-coding when Anthropic quota is limited for Timmy and Ezra agents.

Changes

Core Implementation

  • agent/fallback_router.py (404 lines): Automatic fallback router with quota/rate limit error detection, configurable fallback chains (anthropic → kimi-coding → openrouter), credential checking

  • agent/input_sanitizer.py (573 lines): Input sanitization for jailbreak detection

Configuration

  • config/fallback-config.yaml: Timmy config (Anthropic primary + kimi fallback)
  • config/ezra-kimi-primary.yaml: Ezra config (kimi primary, no Anthropic)
  • config/timmy-deploy.sh and config/ezra-deploy.sh: Deployment scripts

Tests

  • tests/test_fallback_router.py: 67 tests - all passing
  • tests/test_input_sanitizer.py: 69 tests - all passing

Closes Issue #186

allegro added 5 commits 2026-03-31 20:47:41 +00:00
Implements input sanitization module to detect and strip jailbreak fingerprint
patterns identified in red team audit:

HIGH severity:
- GODMODE dividers: [START], [END], GODMODE ENABLED, UNFILTERED
- L33t speak encoding: h4ck, k3ylog, ph1shing, m4lw4r3

MEDIUM severity:
- Boundary inversion: [END]...[START] tricks
- Fake role markers: user: assistant: system:

LOW severity:
- Spaced text bypass: k e y l o g g e r

Other patterns detected:
- Refusal inversion: 'refusal is harmful'
- System prompt injection: 'you are now', 'ignore previous instructions'
- Obfuscation: base64, hex, rot13 mentions

Files created:
- agent/input_sanitizer.py: Core sanitization module with detection,
  scoring, and cleaning functions
- tests/test_input_sanitizer.py: 69 test cases covering all patterns
- tests/test_input_sanitizer_integration.py: Integration tests

Files modified:
- agent/__init__.py: Export sanitizer functions
- run_agent.py: Integrate sanitizer at start of run_conversation()

Features:
- detect_jailbreak_patterns(): Returns bool, patterns list, category scores
- sanitize_input(): Returns cleaned_text, risk_score, patterns
- score_input_risk(): Returns 0-100 risk score
- sanitize_input_full(): Complete sanitization with blocking decisions
- Logging integration for security auditing
config: add Timmy and Ezra fallback configs for kimi-coding (Issue #186)
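A minimal version of the detect / score / sanitize pipeline the commit message above describes, written here as an added example and not code from this PR or from the agent repository. The pattern catalogue follows the tiers listed in the commit; the regexes, the severity weights and the block threshold of 60 are assumptions made for this example, as is the MEDIUM tier given to the prompt-injection phrases the commit lists without a severity.

```python
import re
from dataclasses import dataclass, field

# Severity weights are an assumption; the commit only names the tiers.
SEVERITY_WEIGHT = {"HIGH": 40, "MEDIUM": 20, "LOW": 10}

# Fingerprint catalogue mirroring the commit message. Regexes are constructed here.
PATTERNS = {
    "godmode_divider": ("HIGH", re.compile(r"\[(?:START|END)\]|GODMODE ENABLED|UNFILTERED", re.I)),
    "leet_speak": ("HIGH", re.compile(r"\b(?:h4ck|k3ylog|ph1shing|m4lw4r3)\w*", re.I)),
    "fake_role_marker": ("MEDIUM", re.compile(r"^\s*(?:user|assistant|system):", re.I | re.M)),
    # Listed under "Other patterns" in the commit; MEDIUM tier assigned here.
    "prompt_injection": ("MEDIUM", re.compile(r"ignore (?:all )?previous instructions|you are now", re.I)),
    "spaced_text": ("LOW", re.compile(r"\b(?:[a-z] ){5,}[a-z]\b", re.I)),
}


@dataclass
class SanitizeResult:
    cleaned_text: str
    risk_score: int
    patterns: list = field(default_factory=list)
    blocked: bool = False


def detect_jailbreak_patterns(text):
    """Return (found, names of matched patterns, hit count per severity tier)."""
    matched, scores = [], {"HIGH": 0, "MEDIUM": 0, "LOW": 0}
    for name, (severity, rx) in PATTERNS.items():
        hits = rx.findall(text)
        if hits:
            matched.append(name)
            scores[severity] += len(hits)
    return bool(matched), matched, scores


def score_input_risk(text):
    """Weight the per-tier hit counts and clamp the sum into a 0-100 score."""
    _, _, scores = detect_jailbreak_patterns(text)
    return min(100, sum(SEVERITY_WEIGHT[s] * n for s, n in scores.items()))


def sanitize_input_full(text, block_threshold=60):
    """Strip matched fingerprints, score the original text, and decide whether to block."""
    _, matched, _ = detect_jailbreak_patterns(text)
    cleaned = text
    for name in matched:
        cleaned = PATTERNS[name][1].sub("", cleaned)
    cleaned = re.sub(r"[ \t]{2,}", " ", cleaned).strip()
    score = score_input_risk(text)
    return SanitizeResult(cleaned, score, matched, blocked=score >= block_threshold)
```

Fingerprint matching of this kind is cheap but brittle: a benign word such as "unfiltered" trips the HIGH tier, so the decision path (log, strip, or block) should be tuned against real traffic rather than applied as a hard block everywhere.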
Some checks failed
Docker Build and Publish / build-and-push (push) Has been cancelled
Nix / nix (macos-latest) (push) Has been cancelled
Nix / nix (ubuntu-latest) (push) Has been cancelled
Tests / test (push) Has been cancelled
Supply Chain Audit / Scan PR for supply chain risks (pull_request) Has been cancelled
Docker Build and Publish / build-and-push (pull_request) Has been cancelled
Nix / nix (macos-latest) (pull_request) Has been cancelled
Nix / nix (ubuntu-latest) (pull_request) Has been cancelled
Tests / test (pull_request) Has been cancelled
66ce1000bc
allegro closed this pull request 2026-04-01 03:29:43 +00:00

Pull request closed