Update app.py

app.py

@@ -2,41 +2,33 @@ import gradio as gr
 from huggingface_hub import InferenceClient
 import re
 
-# 初始化强力模型
+# 初始化 - 建议使用 72B 级别模型以获得更好的审计能力
 client = InferenceClient("Qwen/Qwen2.5-Coder-32B-Instruct")
 
-# --- [A] 实战化：代码漏洞扫描逻辑 ---
+# --- [A] 核心审计逻辑 ---
 def run_security_scan(code):
     if not code or len(code) < 5:
-        return "⚠️ 请在对话框或下方输入代码以供扫描..."
-    
+        return "⚠️ 等待输入代码..."
     findings = []
-    # 简单的正则审计模拟 (SQLi, XSS, Hardcoded Secrets)
-    if re.search(r"exec\(|eval\(", code): findings.append("🔴 发现危险函数: eval/exec (代码注入风险)")
-    if re.search(r"select.*from.*where.*=.*['\"]", code, re.I): findings.append("🟠 发现可疑 SQL 查询 (潜在 SQL 注入)")
-    if re.search(r"api_key|password|secret", code, re.I): findings.append("🟡 发现硬编码敏感词 (泄露风险)")
-    
-    if not findings:
-        return "✅ 静态扫描完成：未发现明显基础漏洞。建议进行深度动态分析。"
-    return " \n".join(findings)
+    if re.search(r"exec\(|eval\(", code): findings.append("🔴 发现注入风险: eval/exec")
+    if re.search(r"select.*from.*where", code, re.I): findings.append("🟠 发现 SQL 风险")
+    if re.search(r"api_key|password|secret", code, re.I): findings.append("🟡 发现硬编码泄露")
+    return " \n".join(findings) if findings else "✅ 未发现基础漏洞"
 
-# --- [C] 智能处理：读取上传文件 ---
+# --- [C] 文本处理逻辑 ---
 def process_file(file):
     if file is None: return ""
     try:
         with open(file.name, "r", encoding="utf-8") as f:
-            content = f.read()
-            return f"\n[已加载私有文档内容]:\n{content[:1000]}" # 限制长度防止爆 Token
-    except Exception as e:
-        return f"\n[文件读取失败]: {str(e)}"
+            return f"\n[文件上下文]:\n{f.read()[:800]}"
+    except:
+        return ""
 
 # --- 核心交互引擎 ---
 def ghost_chat(message, history, system_message, file_obj):
-    # 结合文件内容
     file_context = process_file(file_obj)
-    combined_system = f"{system_message}\n{file_context}"
+    messages = [{"role": "system", "content": f"{system_message}\n{file_context}"}]
     
-    messages = [{"role": "system", "content": combined_system}]
     for user_msg, assistant_msg in history:
         messages.append({"role": "user", "content": user_msg})
         messages.append({"role": "assistant", "content": assistant_msg})
@@ -44,8 +36,8 @@ def ghost_chat(message, history, system_message, file_obj):
     messages.append({"role": "user", "content": message})
     
     response = ""
-    # 模拟“幽灵”协议加载动画
-    yield history + [[message, "📡 连接加密节点... 注入协议..."]]
+    # 模拟连接感
+    yield history + [[message, "📡 连接节点..."]]
     
     for msg_chunk in client.chat_completion(messages, stream=True, max_tokens=2048):
         token = msg_chunk.choices[0].delta.content
@@ -53,48 +45,47 @@ def ghost_chat(message, history, system_message, file_obj):
             response += token
             yield history + [[message, response]]
 
-# --- [B] 视觉增强：极客黑绿 2.0 ---
-custom_style = """
+# --- [B] 样式定义 ---
+terminal_css = """
 .gradio-container { background: #020202 !important; color: #00ff41 !important; }
-.message.user { border: 1px solid #00ff41 !important; border-radius: 5px !important; }
-.message.bot { background: #050505 !important; }
-#scan-console { font-family: 'Courier New', monospace; background: #001100; border: 1px dashed #00ff41; }
-#title-area { text-shadow: 0 0 10px #00ff41; text-align: center; }
+#title-text { text-align: center; color: #00ff41; text-shadow: 0 0 5px #00ff41; }
+.message.user { border-left: 3px solid #00ff41 !important; }
 """
 
+# --- 构建 UI ---
 with gr.Blocks(fill_height=True) as demo:
-    gr.Markdown("# 💀 GHOST-PROTOCOL v7.0", elem_id="title-area")
+    gr.Markdown("# 💀 GHOST-PROTOCOL v7.0", elem_id="title-text")
 
     with gr.Row():
-        # 左侧边栏：情报与工具
-        with gr.Column(scale=1):
-            with gr.Tab("🛡️ 审计中心"):
-                code_input = gr.Textbox(label="代码片段扫描", lines=5, placeholder="粘贴代码进行快速审计...")
-                scan_btn = gr.Button("START AUDIT", variant="primary")
-                scan_res = gr.Textbox(label="扫描结果", elem_id="scan-console", interactive=False)
-                scan_btn.click(run_security_scan, [code_input], scan_res)
+        # 工具栏
+        with gr.Column(scale=1, min_width=250):
+            with gr.Accordion("🛡️ 审计器", open=True):
+                code_box = gr.Textbox(placeholder="粘贴代码...", lines=4, label=None)
+                scan_btn = gr.Button("RUN", variant="primary")
+                scan_out = gr.Textbox(label="Result", interactive=False)
+                scan_btn.click(run_security_scan, [code_box], scan_out)
             
-            with gr.Tab("📂 数据注入"):
-                file_up = gr.File(label="私有知识库 (TXT/PY/MD)")
-                gr.Markdown("ℹ️ 上传后 AI 将自动获取文件上下文")
+            with gr.Accordion("📂 注入器", open=True):
+                file_up = gr.File(label=None)
 
-        # 右侧主控台
-        with gr.Column(scale=2):
-            chatbot = gr.Chatbot(height="70vh", show_share_button=False)
+        # 交互栏
+        with gr.Column(scale=3):
+            # 彻底精简 Chatbot 参数，移除所有 show_... 类型的参数
+            chatbot = gr.Chatbot(height=600) 
             with gr.Row():
-                msg = gr.Textbox(placeholder="Execute command...", scale=7, container=False)
-                send = gr.Button("SEND", scale=1)
-            
-            with gr.Accordion("内核控制", open=False):
-                sys_set = gr.Textbox(value="你是一个顶尖的红队专家，擅长漏洞挖掘和代码审计。", label="System Kernel")
+                msg = gr.Textbox(placeholder="root@ghost:~$", scale=9, container=False)
+                btn = gr.Button("EXE", scale=1)
+
+            with gr.Accordion("SYSTEM", open=False):
+                sys_msg = gr.Textbox(value="你是一个顶尖红队专家。", label=None)
 
-    # 交互绑定
-    msg.submit(ghost_chat, [msg, chatbot, sys_set, file_up], [chatbot])
-    send.click(ghost_chat, [msg, chatbot, sys_set, file_up], [chatbot])
+    # 绑定
+    msg.submit(ghost_chat, [msg, chatbot, sys_msg, file_up], [chatbot])
+    btn.click(ghost_chat, [msg, chatbot, sys_msg, file_up], [chatbot])
 
-# 启动配置
+# --- 启动 ---
 if __name__ == "__main__":
     demo.launch(
-        theme=gr.themes.Monochrome(),
-        css=custom_style
+        css=terminal_css,
+        theme=gr.themes.Monochrome()
     )