Skip to content

Codex/specimba/UI polish command center#5

Merged
specimba merged 28 commits into
mainfrom
codex/specimba/ui-polish-command-center
Jun 14, 2026
Merged

Codex/specimba/UI polish command center#5
specimba merged 28 commits into
mainfrom
codex/specimba/ui-polish-command-center

Conversation

@specimba

@specimba specimba commented Jun 14, 2026

Copy link
Copy Markdown
Owner

What Changed

Why

Safety Gates

  • No secrets, tokens, generated auth folders, or provider credentials are committed.
  • Adult catalog behavior remains opt-in and does not disable ST3GG, consent, provenance, export, or dataset gates.
  • Pinned lanes remain pinned: FLUX.2 image generation, LocateAnything grounding, ST3GG security.
  • Generated outputs, moodboards, logs, caches, and local previews stay untracked.

Verification

  • python -m compileall app.py src tests
  • python -m pytest -q tests -p no:cacheprovider --basetemp=C:\tmp\pytest-nvw-full

Screenshots / Notes

Note

Add trust strip UI, sponsor judge lanes, and governed export packet to command center

  • Splits the FLUX.2 model catalog into a public 4B variant (pinned, Apache 2.0) and a private 9B gated research variant, updating catalog, relay, and HF runtime constants accordingly.
  • Adds two optional sponsor evidence lanes: judge_with_minicpm (OpenBMB MiniCPM-V-4.6) and judge_with_nemotron (NVIDIA Nemotron-Parse-v1.2) in a new provider_runtime.py module, called from run_weave and scan_reference.
  • Introduces a render_trust_strip component injected into the topbar, showing ST3GG scan status, export gate, and human checkpoint state with payload redaction.
  • Adds a governed export packet writer in exporter.py that assembles a JSON evidence packet with redacted secrets, hackathon claims, and sponsor lane statuses, gated on ST3GG clearance.
  • Separates reference and generated artifact scans in scan_reference and approve_checkpoint, making the generated artifact's ST3GG status authoritative for export gating.
  • Adds public_demo field (default True) to ModelCandidate and uses it to filter catalog in public mode.
  • Risk: render_topbar signature mismatch noted in analysis — callers pass four arguments while the shown definition accepts two, which may cause a TypeError at runtime if not reconciled elsewhere.

Macroscope summarized 1cca102.

Dashboard & Workflow Integration

The command center now surfaces a complete visual creation workflow with integrated evidence rendering. app.py has been refactored to wire FLUX.2 generation through checkpoint seeding, dual-track scan execution (reference and generated), and downstream judge integration. The dashboard rendering (render.py) adds a new trust strip UI component and updates the topbar to display "FLUX.2 4B PINNED" alongside "HUMAN CHECKPOINT" badges. The artifact lane now renders generated images inline with updated metadata ribbons, and the operations panel surfaces both MiniCPM and Nemotron evidence lanes when available. Workflow node labels have been adjusted to reflect the new model/provider structure, and the inspector now includes a "Sponsor Evidence" section populated from operator state.

Model Governance & Pinned Lane Selection

The pinned FLUX.2 image-generation lane has been downscaled from Klein 9B to Klein 4B as the public-demo default (4B remains the MVP target for the Build Small hackathon). The catalog has been restructured to enforce this via active_stack(): the public demo stack now selects FLUX.2-klein-4B exclusively, while a separate PRIVATE_RESEARCH_STACK retains Klein 9B for private-mode fallback. NVIDIA LocateAnything-3B remains pinned for grounding. ModelRelay's ROTATABLE_LANES now includes private_image_research, allowing qualified helper models to rotate subject to quota constraints, while pinned lanes remain static. Two new judgment lanes have been added—MiniCPM-V-4.6 (visual analysis) and NVIDIA-Nemotron-Parse-v1.2 (evidence synthesis)—both marked as optional sponsor lanes in the dashboard with distinct success/missing-secret/failed state rendering.

Security Gate & Export Evidence Packaging

ST3GG security scanning remains the always-on gate; a new assets/st3gg_examples.json defines scan test cases. The new exporter.py module implements write_export_packet(), which constructs a comprehensive JSON evidence record containing run metadata, operator state (generation, minicpm evidence, nemotron evidence results), checkpoint status, active model stack with parameter counts, and hackathon claim booleans (build_small_32b pass, OpenBMB lane success, NVIDIA Nemotron lane success). Export is gated on checkpoint approval and scan clearance. Critically, Adult Mode remains opt-in and does not bypass provenance, consent, age, dataset-partition, or ST3GG gates—the public stack applies public_demo=False filtering to exclude private-research models.

Provider Runtime & Evidence Collection

A new provider_runtime.py module introduces two judge functions:

  • judge_with_minicpm(): Reads MINICPM_BASE_URL, MINICPM_API_KEY, and MINICPM_MODEL environment variables; constructs a constrained-JSON multimodal prompt with the artifact image, wardrobe summary, and scan results; calls the OpenBMB endpoint and returns structured evidence or missing_secret/no_artifact/blocked states.
  • judge_with_nemotron(): Reads NEMOTRON_BASE_URL, NEMOTRON_API_KEY, and NEMOTRON_MODEL; constructs a constrained-JSON prompt containing the full run packet and optional MiniCPM result (truncated for token efficiency); calls the NVIDIA endpoint and returns evidence or missing_secret/failed states.

Both return a ProviderJudgeResult dataclass with status, provider identification, evidence payload, and request latency. The runtime handles authentication, image encoding to base64 data URIs, and safe JSON parsing with error truncation.

Verification & Testing Evidence

CI now gates imports with NEXUS_DISABLE_REAL_HF=1 to prevent real HF API calls during testing. New test coverage includes:

  • test_exporter.py: Validates that write_export_packet() records evidence correctly, includes hackathon lane flags, filters out secret tokens, and matches run IDs.
  • test_provider_runtime.py: Tests MiniCPM missing-secret detection, artifact-missing blocking, successful judge execution with mocked endpoints, and Nemotron missing-secret handling.
  • test_command_center.py: Updated to assert the public stack includes FLUX 4B while excluding Klein 9B and OFFELLIA (private models), and verifies LocateAnything is present by repo ID. Security scan fixtures now validate both safe (pass/clear) and blocked (review/blocked with findings) scan paths.
  • test_model_relay.py: Expanded to verify FLUX.2 4B is pinned (non-rotating) with correct repo ID and parameter counts, and private-research lane keeps FLUX 9B available as rotatable primary.
  • test_hf_runtime.py: New test asserts FLUX_REPO_ID and PRIVATE_RESEARCH_FLUX_REPO_ID are distinct values.

Documentation (HACKATHON_EVALUATION.md, HANDOFF_FINAL_HACKATHON.md) records prize claim rules (OpenBMB/NVIDIA evidence gated on export success from respective providers), required environment secrets (HF_TOKEN, MiniCPM/Nemotron credentials), and submission steps. README updated with Space metadata, model governance lane definitions, and required provider API keys.

opusmanSEEKv4 and others added 19 commits June 14, 2026 02:34
Docstrings generation was requested by @specimba.

* #1 (comment)

The following files were modified:

* `app.py`
* `src/nexus_visual_weaver/render.py`
* `tests/test_command_center.py`

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: Canberk “specimba” Karaerkek <specimba@gmail.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
@qodo-code-review

qodo-code-review Bot commented Jun 14, 2026

Copy link
Copy Markdown

Code Review by Qodo

🐞 Bugs (1) 📘 Rule violations (1)

Context used
✅ Compliance rules (platform): 1 rule

Grey Divider


Action required

1. NEXUS_EXPORT_DIR allows src/ writes 📘 Rule violation ≡ Correctness
Description
write_export_packet() writes files to a path derived from NEXUS_EXPORT_DIR without
resolving/normalizing the path and without blocking targets under src/. This enables agent- or
user-influenced configuration to create/overwrite files in the production core, violating the
read-only core requirement.
Code

src/nexus_visual_weaver/exporter.py[R81-82]

+    target = export_root() / f"{run_id}.json"
+    target.write_text(json.dumps(packet, indent=2, ensure_ascii=True), encoding="utf-8")
Evidence
The checklist forbids direct filesystem writes that can target src/ unless restricted to an
isolated workspace root with path resolution checks. The new export_root() takes
NEXUS_EXPORT_DIR (configurable input) and write_export_packet() writes the JSON packet via
target.write_text(...) without any guard preventing src/ (or traversal into it), and the app
callback directly invokes this writer.

Rule 476661: Enforce Read-Only Core: Block Direct Writes to production src/ by Default
src/nexus_visual_weaver/exporter.py[14-30]
src/nexus_visual_weaver/exporter.py[81-83]
app.py[344-354]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`write_export_packet()` can write to arbitrary paths via `NEXUS_EXPORT_DIR` and does not prevent writes under `src/`. This violates the read-only core policy requiring agent/tool file writes to stay inside an isolated workspace root (e.g., `outputs/`, `.pi/`, `.codex/`) unless a clearly separated, explicitly SPECI-approved override exists.

## Issue Context
- `export_root()` accepts `NEXUS_EXPORT_DIR` and creates directories there.
- `write_export_packet()` then writes `{run_id}.json` into that root.
- Without `Path.resolve()` + enforcement, `NEXUS_EXPORT_DIR=src/...` (or traversal into it) allows direct modification of production code paths.

## Fix Focus Areas
- src/nexus_visual_weaver/exporter.py[14-30]
- src/nexus_visual_weaver/exporter.py[81-83]
- app.py[344-354]

## Implementation notes
- Resolve/normalize candidate paths (`candidate.resolve()`), then enforce they are within an allowed export workspace root (e.g., repo `outputs/exports` or `.pi/exports`).
- Explicitly deny any resolved path that is (or is within) the resolved `src/` directory.
- If an override is truly needed, separate it into a SPECI-gated function/flag and add audit logging (actor/timestamp/paths).

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools


2. Wrong scan gates export 🐞 Bug ⛨ Security
Description
scan_reference() scans the uploaded reference file and overwrites the shared scan_state, but
approve_checkpoint()/export_packet() later trust scan_state to gate exporting the generated
artifact. This allows approving/exporting a generated artifact using a clear scan from an unrelated
reference file, bypassing the ST3GG gate for the real output.
Code

app.py[R281-297]

    scan = scan_file(_file_path(upload))
+    minicpm = None
+    if run is not None:
+        generated_path = ((operator_state or {}).get("generation") or {}).get("output_path")
+        minicpm = judge_with_minicpm(
+            prompt=getattr(getattr(run, "refined_prompt", None), "refined", DEFAULT_PROMPT),
+            image_path=generated_path or _file_path(upload),
+            scan=scan,
+            wardrobe_summary=_wardrobe_summary(run),
+        )
    next_state = {
        **(operator_state or _default_operator_state()),
+        **({"reference_judge": minicpm.to_dict()} if minicpm else {}),
+        "reference_scan": scan,
        "export": scan.get("export_gate", "pending"),
        "message": "Reference scan complete. Export gate is clear." if scan.get("export_gate") == "clear" else "Reference scan requires review before export.",
    }
Evidence
scan_reference() returns a scan of the uploaded file and the UI wiring stores it into
scan_state. Both approve_checkpoint() and export_packet() then make their allow/block
decisions based solely on the passed-in scan (coming from scan_state) and do not verify it
matches the generated artifact path in operator_state['generation']['output_path'].

app.py[274-355]
app.py[535-552]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`scan_state` is being used as the single source of truth for the ST3GG export gate, but `scan_reference()` overwrites it with a scan of the uploaded reference file. `approve_checkpoint()` and `export_packet()` then accept that scan as proof the generated artifact is safe, without verifying it corresponds to the generated output.

## Issue Context
- `run_weave()` correctly scans the generated artifact and stores it in operator state.
- `scan_reference()` is a *different* action (scan the uploaded file), but it currently updates the same `scan_state` that is later used for export gating.

## How to Fix
Choose one (preferred order):
1. **Recompute/verify scan at gating time**:
  - In `approve_checkpoint()` and `export_packet()`, if `operator_state['generation']['output_path']` exists, call `scan_file(output_path)` and use that result for `export_gate` decisions (and optionally update `operator_state['generated_scan']`).
  - Ignore `scan_state` for export gating (or treat it as reference-only UI).

2. **Split state**:
  - Add a dedicated `reference_scan_state` for `scan_reference()` and keep `scan_state` reserved for generated artifact scans only.
  - Update Gradio wiring so `scan_btn.click` writes to `reference_scan_state`, while `checkpoint_btn`/`export_btn` keep using the generated scan state.

## Fix Focus Areas
- app.py[274-355]
- app.py[535-552]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools


Grey Divider

ⓘ You are approaching your monthly quota for Qodo. Upgrade your plan

Qodo Logo

@coderabbitai

coderabbitai Bot commented Jun 14, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

🚥 Pre-merge checks | ✅ 2 | ❌ 3

❌ Failed checks (2 warnings, 1 inconclusive)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 8.11% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
Description check ⚠️ Warning The PR description is a template with no substantive content filled in; all required sections ('What Changed', 'Why', 'Safety Gates', 'Verification', 'Screenshots/Notes') are empty or contain only checkboxes. Author must complete the PR description by filling in 'What Changed' and 'Why' sections, and verify that all safety gates have been reviewed and checked. The Macroscope auto-generated summary is present but does not replace the author's responsibility to document intent.
Title check ❓ Inconclusive The title 'Codex/specimba/UI polish command center' is vague and uses generic phrasing like 'polish' without conveying specific, meaningful information about the changeset. Replace with a more descriptive title highlighting the main changes, e.g., 'Add MiniCPM/Nemotron evidence lanes and FLUX.2 Klein 4B switch' or 'Integrate sponsor evidence judging and trust strip UI.'
✅ Passed checks (2 passed)
Check name Status Explanation
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch codex/specimba/ui-polish-command-center

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@coderabbitai

coderabbitai Bot commented Jun 14, 2026

Copy link
Copy Markdown
Contributor

Note

Docstrings generation - SUCCESS
Generated docstrings for this pull request at #6

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the NEXUS Visual Weaver application by transitioning the public demo stack to use the FLUX.2-klein-4B model, integrating optional sponsor evidence lanes for OpenBMB MiniCPM-V and NVIDIA Nemotron, and adding a governed export packet writer. The review feedback focuses on enhancing robustness and error handling across these new features. Key recommendations include updating the sponsor lane badge check to recognize the hf_nvidia provider, catching general OSError rather than just PermissionError during export directory creation, wrapping file-reading operations in try-except blocks, and broadening exception catching and decoding safety in the provider runtime API wrappers to prevent unhandled crashes.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread src/nexus_visual_weaver/render.py Outdated
Comment thread src/nexus_visual_weaver/exporter.py
Comment thread src/nexus_visual_weaver/provider_runtime.py Outdated
Comment thread src/nexus_visual_weaver/provider_runtime.py Outdated
Comment thread src/nexus_visual_weaver/provider_runtime.py Outdated
Comment thread src/nexus_visual_weaver/provider_runtime.py Outdated
Comment thread src/nexus_visual_weaver/exporter.py
Comment thread app.py Outdated
coderabbitai Bot added a commit that referenced this pull request Jun 14, 2026
Docstrings generation was requested by @specimba.

* #5 (comment)

The following files were modified:

* `app.py`
* `src/nexus_visual_weaver/catalog.py`
* `src/nexus_visual_weaver/exporter.py`
* `src/nexus_visual_weaver/hf_runtime.py`
* `src/nexus_visual_weaver/model_relay.py`
* `src/nexus_visual_weaver/provider_runtime.py`
* `src/nexus_visual_weaver/render.py`
@qodo-code-review

Copy link
Copy Markdown

PR Summary by Qodo

Command Center UI Polish: Sponsor Lanes, Export Packet, and HF Space Readiness
✨ Enhancement ⚙️ Configuration changes 🧪 Tests 🕐 40+ Minutes

Grey Divider

Walkthroughs

Description
• Switches the public demo FLUX.2 lane from the gated 9B model to the public 4B model, keeping 9B as
  a private-research-only option.
• Adds two new optional sponsor evidence lanes: OpenBMB MiniCPM-V 4.6 (visual judge) and NVIDIA
  Nemotron-Parse v1.2 (structured evidence), wired into the run_weave callback and surfaced in the
  inspector and provider cards.
• Introduces exporter.py to write governed JSON export packets (with hackathon prize-claim
  evidence) and provider_runtime.py to call MiniCPM-V and Nemotron via OpenAI-compatible APIs.
• Adds an above-fold ST3GG trust strip to the topbar, hardens approve_checkpoint to require a
  generated artifact, and fixes duplicate/stale code blocks in app.py and render.py.
• Updates catalog, model relay, schema, and styles to reflect the public/private stack split and new
  sponsor models; adds ST3GG fixture PNGs and a hackathon handoff document.
Diagram
graph TD
    A["app.py\nCallbacks"] --> B["provider_runtime.py\nMiniCPM-V / Nemotron"]
    A --> C["hf_runtime.py\nFLUX.2 Klein 4B"]
    A --> D["security.py\nST3GG Scanner"]
    A --> E["exporter.py\nExport Packet Writer"]
    A --> F["render.py\nDashboard Regions"]
    F --> G["styles.py\nTrust Strip CSS"]
    C --> H[("HF ZeroGPU Space")]
    B --> I[("OpenBMB / NVIDIA APIs")]
    E --> J[("outputs/exports JSON")]
    subgraph Legend
      direction LR
      _mod["Module"] ~~~ _db[("Storage")] ~~~ _ext[("External API")]
    end
Loading
High-Level Assessment

The following are alternative approaches to this PR:

1. Keep a subset of the removed render/callback tests
  • ➕ Maintains regression coverage for UI state transitions
  • ➕ Prevents silent breakage of provider_state label rendering
  • ➖ More test maintenance burden
  • ➖ Some tests were genuinely redundant after the refactor
2. Use httpx or requests for provider API calls
  • ➕ Cleaner async support if needed later
  • ➕ Better timeout and retry ergonomics
  • ➖ Adds a dependency to the Space environment
  • ➖ urllib is sufficient for simple synchronous POST calls

Recommendation: The PR's approach of using stdlib urllib for sponsor API calls (provider_runtime.py) is intentional to avoid adding httpx/requests as a dependency in a Space environment. This is reasonable. However, the test suite pruning is aggressive — ~400 lines of tests were removed across three test files. While many were redundant after the refactor, some covered edge cases (e.g., render_artifact_lane preview mode labels, stop_provider_job, toggle_adult_visibility tuple length) that no longer have explicit coverage. Consider whether the removed tests should be replaced with lighter equivalents rather than dropped entirely.

Grey Divider

File Changes

Enhancement (7)
app.py Wire sponsor judge calls, generated-artifact scan, and export packet into run_weave +81/-55

Wire sponsor judge calls, generated-artifact scan, and export packet into run_weave

• Integrates MiniCPM-V and Nemotron judge calls into run_weave; scans the generated artifact (not just the reference upload); calls write_export_packet on export; hardens approve_checkpoint to block when no generated artifact exists; removes duplicate output list registrations and stale dead-code blocks.

app.py


catalog.py Split FLUX.2 into public 4B and private 9B entries; add MiniCPM-V and Nemotron models +63/-7

Split FLUX.2 into public 4B and private 9B entries; add MiniCPM-V and Nemotron models

• Adds FLUX.2-klein-4B as the public demo image generator, demotes 9B and OFFELLIA to public_demo=False, adds MiniCPM-V-4.6 and Nemotron-Parse-v1.2 as sponsor models, defines DEFAULT_ACTIVE_STACK and PRIVATE_RESEARCH_STACK separately, and updates filter_catalog to respect the public_demo flag.

src/nexus_visual_weaver/catalog.py


hf_runtime.py Switch primary FLUX repo ID to 4B; expose private 9B constant +4/-3

Switch primary FLUX repo ID to 4B; expose private 9B constant

• Changes FLUX_REPO_ID to the public 4B model and adds PRIVATE_RESEARCH_FLUX_REPO_ID for the gated 9B model. Updates error and success messages to reference Klein 4B.

src/nexus_visual_weaver/hf_runtime.py


model_relay.py Add private_image_research lane and MiniCPM-V/Nemotron model records +60/-5

Add private_image_research lane and MiniCPM-V/Nemotron model records

• Adds a private_image_research rotatable lane, splits the primary image_generation record to FLUX.2-klein-4B (pinned), adds a separate 9B private record, and registers MiniCPM-V-4.6, Nemotron-Parse-v1.2, and Nemotron-Nano-4B model records with fallback chains.

src/nexus_visual_weaver/model_relay.py


render.py Add trust strip to topbar, sponsor evidence to inspector, and fix duplicate render calls +73/-94

Add trust strip to topbar, sponsor evidence to inspector, and fix duplicate render calls

• Adds render_trust_strip() showing ST3GG verdict, export gate, checkpoint, and fixture evidence above the fold; passes scan and operator_state into render_topbar; adds sponsor evidence rows (MiniCPM-V, Nemotron) to render_inspector; removes duplicate/stale code blocks; updates model labels to 4B throughout.

src/nexus_visual_weaver/render.py


schema.py Add public_demo flag to ModelCandidate +1/-1

Add public_demo flag to ModelCandidate

• Adds a public_demo: bool = True field to ModelCandidate so private/gated models can be excluded from the public demo catalog filter.

src/nexus_visual_weaver/schema.py


styles.py Add CSS for the new trust strip component +49/-0

Add CSS for the new trust strip component

• Adds .nw-trust-strip, .nw-trust-primary, and .nw-trust-card CSS rules with grid layout, gradient backgrounds, and responsive single-column collapse at ≤1100px.

src/nexus_visual_weaver/styles.py


Tests (6)
test_app_callbacks.py Trim redundant callback tests; add artifact-required checkpoint guard test +6/-164

Trim redundant callback tests; add artifact-required checkpoint guard test

• Removes ~150 lines of now-redundant callback tests (toggle, reset, render_stateful, scan_reference, etc.) and adds a focused test verifying that approve_checkpoint blocks when no generated artifact output_path is present.

tests/test_app_callbacks.py


test_command_center.py Add public/private stack split tests and ST3GG fixture tests; trim stale render tests +34/-219

Add public/private stack split tests and ST3GG fixture tests; trim stale render tests

• Adds tests for public stack using FLUX.2-klein-4B and excluding private models, private catalog keeping 9B/OFFELLIA, and ST3GG safe-vs-blocked fixture scan results. Removes ~200 lines of render component tests that were superseded by the refactored render functions.

tests/test_command_center.py


test_exporter.py New tests for write_export_packet evidence and token scrubbing +29/-0

New tests for write_export_packet evidence and token scrubbing

• New test file verifying that write_export_packet produces a valid JSON packet with correct hackathon claim flags, passes the parameter budget check, and does not leak HF tokens into the output.

tests/test_exporter.py


test_hf_runtime.py Add FLUX repo ID split test; trim redundant HF runtime tests +7/-144

Add FLUX repo ID split test; trim redundant HF runtime tests

• Adds a test asserting FLUX_REPO_ID is 4B and PRIVATE_RESEARCH_FLUX_REPO_ID is 9B. Removes ~120 lines of tests for disabled-mode edge cases that are covered by the remaining integration tests.

tests/test_hf_runtime.py


test_model_relay.py Update pinned lane assertion to 4B; add private_image_research lane test +14/-70

Update pinned lane assertion to 4B; add private_image_research lane test

• Updates the pinned lane test to expect FLUX.2-klein-4B, adds a test for the new private_image_research lane selecting the 9B model, and removes ~60 lines of optional gateway detail tests.

tests/test_model_relay.py


test_provider_runtime.py New tests for MiniCPM-V and Nemotron provider adapters +72/-0

New tests for MiniCPM-V and Nemotron provider adapters

• New test file covering missing-secret, no-artifact, mocked-success paths for judge_with_minicpm and missing-secret path for judge_with_nemotron.

tests/test_provider_runtime.py


Documentation (3)
README.md Update README for public 4B stack, sponsor lanes, and hackathon prize mapping +43/-3

Update README for public 4B stack, sponsor lanes, and hackathon prize mapping

• Switches the listed FLUX.2 model from 9B to 4B, adds MiniCPM-V and Nemotron to the model list and tags, documents sponsor/evidence lanes, adds a Build Small prize mapping table, and lists new required secrets.

README.md


HACKATHON_EVALUATION.md Update evaluation doc to reflect implemented features and prize claim rules +26/-8

Update evaluation doc to reflect implemented features and prize claim rules

• Replaces 'remaining gaps' around dry-run provider calls with the new implemented state (real FLUX.2 4B, ST3GG scan, sponsor lanes), updates the next-priority list, and adds a prize claim evidence table.

docs/HACKATHON_EVALUATION.md


HANDOFF_FINAL_HACKATHON.md Add final hackathon handoff document with runtime flow and claim rules +75/-0

Add final hackathon handoff document with runtime flow and claim rules

• New document covering secrets needed, verification commands, runtime flow steps, prize claim rules, known risks, and a last-step checklist for the hackathon submission.

docs/HANDOFF_FINAL_HACKATHON.md


Other (4)
ci.yml Pin NEXUS_DISABLE_REAL_HF env var for CI import and test steps +3/-0

Pin NEXUS_DISABLE_REAL_HF env var for CI import and test steps

• Adds the NEXUS_DISABLE_REAL_HF=1 environment variable to both the 'Import app' and 'Test' CI steps so that real HF runtime calls are never attempted in CI.

.github/workflows/ci.yml


st3gg_examples.json Add ST3GG fixture example manifest for safe and blocked PNG cases +22/-0

Add ST3GG fixture example manifest for safe and blocked PNG cases

• New JSON file describing two ST3GG fixture test cases (clean PNG → pass, PNG with trailing bytes → blocked) used as evidence for the trust strip and tests.

assets/st3gg_examples.json


exporter.py New governed export packet writer with hackathon prize-claim evidence +83/-0

New governed export packet writer with hackathon prize-claim evidence

• New module that writes a versioned JSON export packet to /data or outputs/exports, including run metadata, ST3GG scan, MiniCPM-V judge result, Nemotron evidence, model stack, parameter budget, and hackathon claim flags. Strips HF token from the generation dict before writing.

src/nexus_visual_weaver/exporter.py


provider_runtime.py New optional sponsor judging adapters for MiniCPM-V and Nemotron +237/-0

New optional sponsor judging adapters for MiniCPM-V and Nemotron

• New module implementing judge_with_minicpm and judge_with_nemotron, each calling an OpenAI-compatible API endpoint when secrets are configured, returning a ProviderJudgeResult with status, evidence dict, and latency. Gracefully returns missing_secret, no_artifact, or failed states when unconfigured or on error.

src/nexus_visual_weaver/provider_runtime.py


Grey Divider

ⓘ You are approaching your monthly quota for Qodo. Upgrade your plan

Qodo Logo

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
@coderabbitai

coderabbitai Bot commented Jun 14, 2026

Copy link
Copy Markdown
Contributor

Note

Unit test generation is a public access feature. Expect some limitations and changes as we gather feedback and continue to improve it.


Generating unit tests... This may take up to 20 minutes.

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
specimba and others added 4 commits June 14, 2026 23:46
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
@specimba

Copy link
Copy Markdown
Owner Author

@codex review

@chatgpt-codex-connector

Copy link
Copy Markdown

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.
To continue using code reviews, you can upgrade your account or add credits to your account and enable them for code reviews in your settings.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: d525f1509f

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread app.py
next_state = {**state, "provider_state": "blocked", "export": scan.get("export_gate", "blocked"), "message": "Export blocked: ST3GG gate is not clear."}
else:
next_state = {**state, "provider_state": "exported", "export": "clear", "message": "Governed export packet prepared with run, catalog, and ST3GG evidence."}
export = write_export_packet(run=run, scan=scan, operator_state=state, adult_mode=adult_mode)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Bind export scans to generated artifacts

When a generated artifact's ST3GG result is blocked, an operator can click Scan Reference with any clean upload, which updates scan_state to that reference scan while leaving operator_state['generation']['output_path'] pointed at the generated file. This call then writes an export packet for the generated artifact using the unrelated clear scan, so a blocked output can be approved/exported after scanning a different file; use the stored generated scan or verify the scan belongs to the artifact path before exporting.

Useful? React with 👍 / 👎.

Comment thread src/nexus_visual_weaver/exporter.py Outdated
adult_mode: bool,
) -> dict[str, Any]:
run_id = getattr(getattr(run, "checkpoint", None), "checkpoint_id", f"nw-{int(time.time())}")
stack = active_stack(adult_mode)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Preserve the run's model stack in exports

If Adult Mode is toggled after creating a run, the export packet recomputes the stack from the current checkbox instead of the run that is being exported. That can make the JSON claim the public FLUX.2 4B stack for a private FLUX.2 9B/OFFELLIA run, or the reverse, corrupting the parameter-budget and governance evidence; derive the stack and adult flag from run.model_stack / run.request.adult_mode.

Useful? React with 👍 / 👎.

Comment thread src/nexus_visual_weaver/render.py Outdated
Comment on lines +566 to +567
"openbmb": "configured" if _env_configured("MINICPM_API_KEY", "OPENBMB_API_KEY") else "missing secret",
"nvidia": "configured" if _env_configured("NEMOTRON_API_KEY", "NVIDIA_API_KEY") else "missing secret",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Require provider base URLs before showing configured

These cards show OpenBMB/NVIDIA as CONFIGURED when only an API key is present, but the actual judge adapters return missing_secret unless MINICPM_BASE_URL or NEMOTRON_BASE_URL is also set. In Spaces with just the token secret configured, the UI will advertise ready sponsor lanes while run_weave cannot call them, so include the required base URL in the configured check.

Useful? React with 👍 / 👎.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 8

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
app.py (1)

281-299: ⚠️ Potential issue | 🟠 Major | 🏗️ Heavy lift

Keep the export gate bound to the generated artifact, not the reference scan.

This callback now returns the reference-upload scan into the shared scan_state slot. approve_checkpoint() and export_packet() consume that same state for ST3GG gating, so a later reference rescan can unblock or block export based on the wrong file. The generated artifact scan needs its own authoritative state, with reference evidence stored separately.

As per coding guidelines, "**/*.py: Review Gradio callback wiring and region updates in code changes" and "app.py: Check that UI callbacks update the intended regions, never leak secrets, and keep Adult Mode security gates active."

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@app.py` around lines 281 - 299, The export gate in the next_state dictionary
is being set from the reference scan instead of the generated artifact, which
causes approve_checkpoint() and export_packet() to use the wrong gate. Modify
the next_state construction to preserve the export gate from the generated
artifact (keep it from the previous operator_state rather than overriding it
with scan.get("export_gate")), and instead store the reference scan's export
gate separately (for example as "reference_export_gate") for evidence purposes.
Update the message logic to reference the reference scan's gate status for user
feedback without allowing it to control the actual export authorization.

Source: Coding guidelines

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@app.py`:
- Around line 283-290: The `judge_with_minicpm()` call on line 285-290 uses a
fallback to `_file_path(upload)` for the image_path parameter when
`generated_path` is missing. This causes the reference upload to be evaluated
instead of the generated artifact, producing false scoring evidence for a review
that never happened. Modify the logic to only call `judge_with_minicpm()` when a
generated artifact actually exists (i.e., when `generated_path` is not None or
empty), or implement proper handling for the no-artifact case to ensure the
operator state accurately reflects whether scoring was performed on a generated
artifact or not.

In `@docs/HANDOFF_FINAL_HACKATHON.md`:
- Around line 27-35: The NEXUS_DISABLE_REAL_HF environment flag must be set
before any HF-dependent commands to prevent live API access during verification.
In docs/HANDOFF_FINAL_HACKATHON.md (lines 27-35), move the
`$env:NEXUS_DISABLE_REAL_HF='1'` assignment to appear before the `python -c
"import app; print('app import ok')"` line so it gates the app import check. In
README.md (lines 111-117), add `$env:NEXUS_DISABLE_REAL_HF='1'` before the
pytest command to ensure the flag is set during testing. This ensures both
documentation sources match CI behavior and prevent divergence when users follow
the verification steps.

In `@README.md`:
- Around line 95-96: The OpenBMB and NVIDIA prize claim conditions in the
README.md are currently based only on the presence of evidence in an export
packet, which allows failed or incomplete runs to appear claimable. Update both
rows to require that `success` is present in the export packet, in addition to
or instead of the evidence check. This ensures that only successful runs with
valid evidence can be claimed as prizes, making the conditions consistent with
the rest of the documentation.

In `@src/nexus_visual_weaver/exporter.py`:
- Around line 14-30: In the export_root() function, remove the dead code
condition checking if candidate is None and its associated continue statement.
This check is unreachable because the candidates list only contains Path objects
created on lines 16-19 and never includes None values, making the condition
impossible to ever be True.

In `@src/nexus_visual_weaver/provider_runtime.py`:
- Around line 55-67: Add URL scheme validation to the _post_json function before
calling urllib.request.urlopen. Use urllib.parse.urlparse to extract the scheme
from the url parameter and validate that it is one of the expected schemes (such
as https or http). If the scheme is not in the allowlist of expected schemes,
raise an appropriate exception (such as ValueError) with a clear error message.
This validation should occur after the request object is created but before the
urlopen call to ensure only safe URL schemes are used.

In `@src/nexus_visual_weaver/render.py`:
- Around line 55-64: The provider configuration status badges do not account for
all required environment variables that the runtime actually needs. The MiniCPM
and Nemotron provider checks in the configured list only verify API keys
(MINICPM_API_KEY, OPENBMB_API_KEY, NEMOTRON_API_KEY, NVIDIA_API_KEY) but the
actual runtime calls also require base URLs (MINICPM_BASE_URL,
NEMOTRON_BASE_URL). Update the _env_configured calls for MiniCPM and Nemotron to
include checks for their respective base URL environment variables alongside the
API key checks, so the status badges accurately reflect whether a provider can
actually be used at runtime. Apply this same fix to all other locations where
these provider configuration checks appear.
- Around line 109-126: The ST3GG findings and purification_actions are being
rendered directly into HTML without redacting potentially sensitive content like
payload excerpts or recovered hidden data, which violates the security
guideline. Create a redaction function that removes sensitive payload bytes and
hidden content from scan results, then apply this function to the findings and
actions values before they are escaped and rendered in the HTML template (where
findings[0] and actions[0] are currently being used in the escape() calls).
Apply the same redaction logic at the other affected location mentioned in the
comment (lines 667-694) where similar rendering of findings and actions occurs.

In `@tests/test_app_callbacks.py`:
- Line 30: Before setting the operator_state with the hardcoded output_path
value of "outputs/test-generated-artifact.png" on line 30, ensure the artifact
file is actually created at that path. This prevents the test from becoming
flaky when artifact-existence gating validates that the file exists. Create the
"outputs/test-generated-artifact.png" file in your test setup or as a fixture
before the assertion that depends on this path.

---

Outside diff comments:
In `@app.py`:
- Around line 281-299: The export gate in the next_state dictionary is being set
from the reference scan instead of the generated artifact, which causes
approve_checkpoint() and export_packet() to use the wrong gate. Modify the
next_state construction to preserve the export gate from the generated artifact
(keep it from the previous operator_state rather than overriding it with
scan.get("export_gate")), and instead store the reference scan's export gate
separately (for example as "reference_export_gate") for evidence purposes.
Update the message logic to reference the reference scan's gate status for user
feedback without allowing it to control the actual export authorization.
🪄 Autofix (Beta)

✅ Autofix completed


ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: c31802fd-f22f-4d73-b70c-583b633efdd2

📥 Commits

Reviewing files that changed from the base of the PR and between c51aa52 and d525f15.

⛔ Files ignored due to path filters (2)
  • tests/fixtures/st3gg_blocked_trailing.png is excluded by !**/*.png
  • tests/fixtures/st3gg_safe_clean.png is excluded by !**/*.png
📒 Files selected for processing (20)
  • .github/workflows/ci.yml
  • README.md
  • app.py
  • assets/st3gg_examples.json
  • docs/HACKATHON_EVALUATION.md
  • docs/HANDOFF_FINAL_HACKATHON.md
  • src/nexus_visual_weaver/catalog.py
  • src/nexus_visual_weaver/exporter.py
  • src/nexus_visual_weaver/hf_runtime.py
  • src/nexus_visual_weaver/model_relay.py
  • src/nexus_visual_weaver/provider_runtime.py
  • src/nexus_visual_weaver/render.py
  • src/nexus_visual_weaver/schema.py
  • src/nexus_visual_weaver/styles.py
  • tests/test_app_callbacks.py
  • tests/test_command_center.py
  • tests/test_exporter.py
  • tests/test_hf_runtime.py
  • tests/test_model_relay.py
  • tests/test_provider_runtime.py

Comment thread app.py Outdated
Comment on lines +27 to +35
```powershell
python -m compileall app.py src tests
python -c "import app; print('app import ok')"
$env:NEXUS_DISABLE_REAL_HF='1'
$env:PYTEST_DISABLE_PLUGIN_AUTOLOAD='1'
python -m pytest -q tests -p no:cacheprovider
hf auth whoami --format json
hf spaces info build-small-hackathon/NEXUS_Visual_Weaver --format json
```

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Set the HF-disable flag before any HF-dependent verification command.

The documented verification flows should gate live HF access before import app or pytest. Right now the handoff imports first and the README omits the flag entirely, so copying the docs can still hit the live path and diverge from CI.

  • docs/HANDOFF_FINAL_HACKATHON.md#L27-L35: move $env:NEXUS_DISABLE_REAL_HF='1' above python -c "import app; print('app import ok')" and keep it set for the pytest step.
  • README.md#L111-L117: add $env:NEXUS_DISABLE_REAL_HF='1' before the pytest command.
♻️ Proposed fix
- python -m compileall app.py src tests
- python -c "import app; print('app import ok')"
- $env:NEXUS_DISABLE_REAL_HF='1'
+ $env:NEXUS_DISABLE_REAL_HF='1'
+ python -m compileall app.py src tests
+ python -c "import app; print('app import ok')"
  $env:PYTEST_DISABLE_PLUGIN_AUTOLOAD='1'
  python -m pytest -q tests -p no:cacheprovider
 python -m compileall app.py src tests
+$env:NEXUS_DISABLE_REAL_HF='1'
 $env:PYTEST_DISABLE_PLUGIN_AUTOLOAD='1'
 python -m pytest -q tests -p no:cacheprovider --basetemp=C:\tmp\pytest-nvw-full
📍 Affects 2 files
  • docs/HANDOFF_FINAL_HACKATHON.md#L27-L35 (this comment)
  • README.md#L111-L117
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/HANDOFF_FINAL_HACKATHON.md` around lines 27 - 35, The
NEXUS_DISABLE_REAL_HF environment flag must be set before any HF-dependent
commands to prevent live API access during verification. In
docs/HANDOFF_FINAL_HACKATHON.md (lines 27-35), move the
`$env:NEXUS_DISABLE_REAL_HF='1'` assignment to appear before the `python -c
"import app; print('app import ok')"` line so it gates the app import check. In
README.md (lines 111-117), add `$env:NEXUS_DISABLE_REAL_HF='1'` before the
pytest command to ensure the flag is set during testing. This ensures both
documentation sources match CI behavior and prevent divergence when users follow
the verification steps.

Comment thread README.md Outdated
Comment thread src/nexus_visual_weaver/exporter.py
Comment thread src/nexus_visual_weaver/provider_runtime.py Outdated
Comment thread src/nexus_visual_weaver/render.py
Comment thread src/nexus_visual_weaver/render.py Outdated
Comment thread tests/test_app_callbacks.py Outdated
@coderabbitai

coderabbitai Bot commented Jun 14, 2026

Copy link
Copy Markdown
Contributor

✅ Unit tests committed locally. Commit: e808a7f4cd523acda5efe813a641fd20aa8794e0

@coderabbitai

coderabbitai Bot commented Jun 14, 2026

Copy link
Copy Markdown
Contributor

Note

Autofix is a beta feature. Expect some limitations and changes as we gather feedback and continue to improve it.

Fixes Applied Successfully

Fixed 7 file(s) based on 8 unresolved review comments.

Files modified:

  • README.md
  • app.py
  • docs/HANDOFF_FINAL_HACKATHON.md
  • src/nexus_visual_weaver/exporter.py
  • src/nexus_visual_weaver/provider_runtime.py
  • src/nexus_visual_weaver/render.py
  • tests/test_app_callbacks.py

Commit: f22f2545fb044c99b944f015b397680a59bd6050

The changes have been pushed to the codex/specimba/ui-polish-command-center branch.

Time taken: 2m 57s

Fixed 7 file(s) based on 8 unresolved review comments.

Co-authored-by: CodeRabbit <noreply@coderabbit.ai>
@kilo-code-bot

kilo-code-bot Bot commented Jun 14, 2026

Copy link
Copy Markdown

Code Review Summary

Status: 5 Issues Found | Recommendation: Address before merge

Overview

Severity Count
CRITICAL 1
WARNING 4
SUGGESTION 0
Issue Details (click to expand)

CRITICAL

File Line Issue
src/nexus_visual_weaver/exporter.py 49 Potentially sensitive output_path path exposed in export packet without sanitization

WARNING

File Line Issue
src/nexus_visual_weaver/provider_runtime.py 193 Model selection logic may default incorrectly when NEMOTRON_MODEL env var contains neither 'Parse' nor 'parse'
src/nexus_visual_weaver/render.py 588-592 Potential KeyError if relay_status decision lacks expected keys (lane, strategy)
src/nexus_visual_weaver/catalog.py 203-205 active_stack() could raise KeyError if repo_id in stack constants is missing from catalog
src/nexus_visual_weaver/model_relay.py 298-301 dashboard_snapshot creates LaneDecision without error handling for missing models
Other Observations (not in diff)

Issues found in unchanged code that cannot receive inline comments:

File Line Issue
src/nexus_visual_weaver/security.py 62-65 _png_trailing_data reads entire file into memory which could be problematic for large files (currently capped at 5MB but still read fully)
src/nexus_visual_weaver/hf_runtime.py 41-54 _output_dir falls back silently to outputs/runtime on PermissionError without logging
Files Reviewed (7 files)
  • src/nexus_visual_weaver/exporter.py - 1 issue
  • src/nexus_visual_weaver/provider_runtime.py - 1 issue
  • src/nexus_visual_weaver/render.py - 1 issue
  • src/nexus_visual_weaver/catalog.py - 1 issue
  • src/nexus_visual_weaver/model_relay.py - 1 issue
  • src/nexus_visual_weaver/security.py - 1 issue (in Other Observations)
  • src/nexus_visual_weaver/hf_runtime.py - 1 issue (in Other Observations)

"prompt": getattr(getattr(run, "request", None), "prompt", ""),
"refined_prompt": getattr(getattr(run, "refined_prompt", None), "refined", ""),
"artifact": (operator_state.get("generation") or {}).get("output_path"),
"generation": generation,

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CRITICAL: Potential information disclosure - output_path path exposed in export packet

The artifact field contains the raw file path which could reveal internal directory structure. Consider sanitizing to only include filename.


Reply with @kilocode-bot fix it to have Kilo Code address this issue.

"Content-Type": "application/json",
},
method="POST",
)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

WARNING: URL scheme validation added but error message could be more helpful

The scheme check is good for security, but the error message could include the actual URL that failed for debugging.


Reply with @kilocode-bot fix it to have Kilo Code address this issue.

operator_state = operator_state or {}
status = str(scan.get("status", "idle")).upper()
export_gate = str(scan.get("export_gate", "pending")).upper()
checkpoint = str(operator_state.get("checkpoint", "pending")).replace("_", " ").title()

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

WARNING: Missing _scan_status_tone function definition in diff context

This function is called on line 125 but its definition appears at line 622 in the original file. Ensure the function exists in the correct location for the new code path.


Reply with @kilocode-bot fix it to have Kilo Code address this issue.

@@ -623,8 +590,6 @@ def render_provider_cards(relay_status: dict | None = None, adult_mode: bool = F
<span>{escape(str(provider))} / {escape(str(gate))}</span>

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

WARNING: Missing key access could cause display issues

Line 606 accesses provider in {"openbmb", "nvidia", "hf_nvidia"} but line 576 uses primary.get("provider", "blocked") which may return 'blocked' string, potentially causing incorrect badge rendering.


Reply with @kilocode-bot fix it to have Kilo Code address this issue.

@kilo-code-bot

kilo-code-bot Bot commented Jun 14, 2026

Copy link
Copy Markdown

Code Review Summary

Status: 9 Issues Found | Recommendation: Address before merge

Overview

Severity Count
CRITICAL 0
WARNING 9
SUGGESTION 0
Issue Details (click to expand)

CRITICAL

File Line Issue

WARNING

File Line Issue
app.py 300 scan_reference invokes sponsor judging on the uploaded reference image, causing an unexpected external provider call and sending the reference image to OpenBMB when configured.
app.py 313 scan_reference can preserve stale export state instead of deriving it from the authoritative generated-artifact scan.
src/nexus_visual_weaver/provider_runtime.py 62 Invalid URL error includes the full configured URL, which may leak query-string credentials through provider results/UI.
src/nexus_visual_weaver/render.py 69 ST3GG rendering redaction is keyword-allowlist based and can miss future raw payload/hidden-content wording.
src/nexus_visual_weaver/render.py 598 Missing provider key handling can render blocked as a provider label in relay cards.
src/nexus_visual_weaver/catalog.py 203 active_stack() uses by_id[repo_id] without .get(), which can raise KeyError if catalog constants drift.
src/nexus_visual_weaver/model_relay.py 298 dashboard_snapshot() creates LaneDecision entries without error handling for missing models.
Other Observations (not in diff)

Issues found in unchanged code:

File Line Issue
src/nexus_visual_weaver/security.py 62-65 _png_trailing_data reads the entire file into memory before enforcing the 5MB cap.
src/nexus_visual_weaver/hf_runtime.py 41-54 _output_dir falls back silently on PermissionError without logging.
Files Reviewed (14 files)
  • app.py - 2 issues
  • src/nexus_visual_weaver/provider_runtime.py - 1 issue; previous URL-message warning resolved
  • src/nexus_visual_weaver/render.py - 2 issues
  • src/nexus_visual_weaver/catalog.py - 1 unchanged-code issue carried forward
  • src/nexus_visual_weaver/model_relay.py - 1 unchanged-code issue carried forward
  • src/nexus_visual_weaver/exporter.py - previous output-path disclosure resolved by filename sanitization
  • src/nexus_visual_weaver/security.py - 1 unchanged-code observation
  • src/nexus_visual_weaver/hf_runtime.py - 1 unchanged-code observation
  • README.md - reviewed
  • docs/HANDOFF_FINAL_HACKATHON.md - reviewed
  • tests/test_app_callbacks.py - reviewed
  • tests/test_command_center.py - reviewed
  • tests/test_exporter.py - reviewed
  • tests/test_provider_runtime.py - reviewed

Fix these issues in Kilo Cloud


Reviewed by nex-n2-pro:free · 1,335,889 tokens

Comment thread app.py
reference_scan = scan_file(reference_path)
generated_scan = _authoritative_generated_scan(state)
minicpm = None
if run is not None and reference_path:

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

WARNING: scan_reference invokes sponsor judging on the uploaded reference image

scan_reference() is the reference-upload scan path, but this block calls judge_with_minicpm() with reference_path whenever a reference file exists. The resulting reference_judge state is not rendered in the sponsor evidence UI, so configured secrets can trigger an unexpected external provider call and send the reference image to OpenBMB without visible operator evidence.

Reply with @kilocode-bot fix it to have Kilo Code address this issue.

Comment thread app.py
"reference_scan": reference_scan,
"reference_export_gate": reference_scan.get("export_gate", "pending"),
"export": state.get("export", generated_scan.get("export_gate", "pending")),
"message": (

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

WARNING: scan_reference can preserve stale export-gate state

This merges the previous export value from operator state instead of deriving export state from _authoritative_generated_scan(state). If a stale clear export gate is already present, the UI/operator state can remain clear even when the generated artifact scan is blocked; checkpoint/export callbacks recompute the gate, but the intermediate state can still be inconsistent.

Reply with @kilocode-bot fix it to have Kilo Code address this issue.

def _post_json(url: str, token: str, payload: dict[str, Any], timeout: float) -> dict[str, Any]:
parsed = urllib.parse.urlparse(url)
if parsed.scheme not in {"http", "https"} or not parsed.netloc:
raise ValueError(f"Invalid URL: expected http(s) URL with host, got {url!r}.")

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

WARNING: Invalid URL error may leak query credentials

Including the full configured URL in the exception is useful for debugging, but Space/provider base URLs can contain query-string secrets. Because this exception is surfaced through provider results and potentially the UI, prefer a redacted URL or only include scheme/netloc/path without query credentials.

Reply with @kilocode-bot fix it to have Kilo Code address this issue.

def _redact_scan_text(value: object) -> str:
text = str(value)
lowered = text.lower()
if any(term in lowered for term in _SCAN_REDACTION_TERMS):

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

WARNING: ST3GG rendering redaction is keyword-allowlist based

The redaction only triggers for specific terms such as payload, hidden content, and base64. If a future scanner finding contains raw payload bytes or recovered content with different wording, it will be escaped but still displayed. For a security boundary, prefer redacting at the scanner/export boundary or defaulting findings/actions to redacted unless they are explicitly allowlisted as safe metadata.

Reply with @kilocode-bot fix it to have Kilo Code address this issue.

@specimba

Copy link
Copy Markdown
Owner Author

PR #5 follow-up verification after commit 1cca102:

  • Fixed generated artifact ST3GG binding: scan_reference can no longer clear or block the generated artifact export gate.
  • Export/checkpoint now recompute the generated artifact scan from generation.output_path at gate time.
  • Export packet uses the run's model_stack / adult_mode, sanitizes artifact paths to filenames, and rejects NEXUS_EXPORT_DIR targets under src/ or outside isolated export roots.
  • Provider readiness now requires base URL + key for MiniCPM/Nemotron, and ST3GG UI evidence is redacted before render.

Local gates:

  • python -m compileall app.py src tests passed.
  • NEXUS_DISABLE_REAL_HF=1 python -c "import app; print('app import ok')" passed.
  • NEXUS_DISABLE_REAL_HF=1 PYTEST_DISABLE_PLUGIN_AUTOLOAD=1 python -m pytest -q tests -p no:cacheprovider passed: 122 passed, 1 warning.
  • Secret-pattern scans found no HF/Bearer/sk-style tokens in tracked app/doc/test files.

HF Space:

  • Uploaded Space commit dc6756e8bc288e091e584a75867eff1af4a01ad5 from branch commit 1cca102118b3a1792f926d15fbd12fd2e8705b9e.
  • Space is RUNNING on ZeroGPU and public root + /gradio_api/info return HTTP 200.
  • Remote Space files were downloaded and verified to contain _authoritative_generated_scan and _safe_export_candidate.

Known external blocker:

  • GitHub Python tests check did not start because Actions reports the account is locked due to a billing issue. This is not an app/test failure; local and HF gates above are the current verification source.

@specimba specimba merged commit b3856e9 into main Jun 14, 2026
4 of 5 checks passed

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

generated_uri = _image_data_uri(generation.get("output_path")) if isinstance(generation, dict) else None

P2 Badge Don't embed blocked artifacts as data URIs

When a generated artifact fails ST3GG, this still base64-embeds the original file into the dashboard HTML before the export gate is checked. For the blocked PNG trailing-data case, the browser receives the full data URI including the hidden trailing bytes, so use a sanitized thumbnail or suppress the preview until the generated scan is clear.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread app.py
Comment on lines +300 to +301
if run is not None and reference_path:
minicpm = judge_with_minicpm(

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Gate MiniCPM scans on a clear ST3GG result

When MiniCPM secrets are configured, clicking Scan Reference with a PNG that ST3GG just marked blocked still enters this branch and sends reference_path to judge_with_minicpm; that adapter base64-encodes the whole file before posting it. In the blocked trailing-payload case covered by the new fixtures, this leaks the unpurified hidden bytes to an external provider before review, so this call should be skipped unless the reference scan is clear or a purified derivative is used.

Useful? React with 👍 / 👎.

Comment thread app.py
scan = scan_file(_file_path(upload))
generation = generate_flux_image(run.refined_prompt.refined, seed=int(run.checkpoint.checkpoint_id[-6:], 16) % 1_000_000)
reference_scan = scan_file(_file_path(upload))
generation = generate_flux_image(run.refined_prompt.refined, seed=_checkpoint_seed(run.checkpoint.checkpoint_id))

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Route adult-mode generation to the run's selected stack

Fresh evidence beyond the prior export-stack issue: when Adult Mode is enabled, build_command_center_run(..., adult_mode=True) records the private research stack headed by FLUX.2 9B, but this generation call has no mode/repo argument and generate_flux_image always uses the 4B FLUX_REPO_ID. Adult/private runs on a Space can therefore produce and export a 4B artifact while the run/model-stack evidence says 9B/private stack, corrupting the governance and parameter-budget record for that run.

Useful? React with 👍 / 👎.


def _post_json(url: str, token: str, payload: dict[str, Any], timeout: float) -> dict[str, Any]:
parsed = urllib.parse.urlparse(url)
if parsed.scheme not in {"http", "https"} or not parsed.netloc:

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Reject non-local plaintext provider URLs

If a Space secret sets MINICPM_BASE_URL or NEMOTRON_BASE_URL to a non-local http:// endpoint, this check accepts it and _post_json sends the bearer token plus the image/run payload over cleartext. That exposes provider credentials and generated/reference artifacts on the network; keep HTTPS required for remote hosts and only allow plaintext for explicit localhost development endpoints.

Useful? React with 👍 / 👎.

return None
suffix = target.suffix.lower()
mime = "image/png" if suffix == ".png" else "image/jpeg" if suffix in {".jpg", ".jpeg"} else "image/webp"
data = base64.b64encode(target.read_bytes()).decode("ascii")

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Bound image size before base64 provider uploads

When a user scans a large uploaded reference with MiniCPM configured, this reads the entire file into memory and then base64-encodes it before posting, so a single oversized upload can spike memory and stall or kill the Space process. The ST3GG scanner only samples the file and does not cap this provider path, so enforce a size limit before read_bytes() or stream/reject large artifacts.

Useful? React with 👍 / 👎.

Comment on lines +51 to +53
suffix = target.suffix.lower()
mime = "image/png" if suffix == ".png" else "image/jpeg" if suffix in {".jpg", ".jpeg"} else "image/webp"
data = base64.b64encode(target.read_bytes()).decode("ascii")

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Verify image signatures before MiniCPM uploads

When the uploaded file is not a supported image that ST3GG already blocks, this helper still labels every non-PNG/JPEG suffix as image/webp and base64-encodes the bytes. With MiniCPM secrets configured, a low-entropy .txt or other arbitrary upload can be sent to the visual provider as an image instead of returning no_artifact; validate the extension/magic against supported image types before reading and posting the file.

Useful? React with 👍 / 👎.

Comment thread app.py
run=run,
adult_mode=adult_mode,
scan=scan,
scan=generated_scan,

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Surface blocked reference scans during runs

If the operator uploads a blocked reference and starts a run, the reference is scanned but the dashboard and scan state are rendered from generated_scan instead. In local dry-run/no-artifact cases this makes the trust strip and evidence JSON show idle/pending while the uploaded reference is already blocked, so surface the reference scan separately or include its warning without letting it clear the generated artifact's export gate.

Useful? React with 👍 / 👎.

@coderabbitai coderabbitai Bot mentioned this pull request Jun 15, 2026
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant