Cerebras Support

[olesho]

• Fixed Cerebras provider support in BrowserOperator
• Added Cerebras into Agent Sever API

Summary by CodeRabbit

Release Notes

• New Features

  • Added support for Cerebras, Anthropic, and Google as LLM provider options
  • Introduced DOM snapshot capture capability for browser automation agents

• Improvements

  • Enhanced error handling and logging for LLM provider API interactions
  • Improved schema compatibility and transformation for better API request processing

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[chatgpt-codex-connector]

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

[claude]

Claude finished @olesho's task —— View job

---

Code Review: Cerebras Support

I've completed a comprehensive review of this PR that adds Cerebras provider support. Here's my detailed feedback:

📊 Review Summary

Overall Assessment: ✅ Good implementation with minor improvements needed
Files Changed: 2 files (+184/-9)

• agent-server/nodejs/src/lib/BrowserAgentServer.js (+64/-1)
• front_end/panels/ai_chat/LLM/CerebrasProvider.ts (+120/-8)

---

🚀 Strengths

Code Quality

• ✅ Excellent TypeScript implementation with proper type definitions
• ✅ Follows existing patterns in the codebase
• ✅ Comprehensive error handling and logging throughout
• ✅ Clean separation of concerns and good class structure
• ✅ Good use of async/await patterns
• ✅ Proper OpenAI-compatible API implementation

Functionality

• ✅ Full feature implementation: chat completions, function calling, tool support
• ✅ Smart schema simplification for Cerebras API compatibility
• ✅ Robust model fetching with fallback to default models
• ✅ Connection testing functionality
• ✅ Credential validation

---

⚠️ Issues Found

🔒 Security Concerns

1. API Key Exposure in Logs (agent-server/nodejs/src/lib/BrowserAgentServer.js:440)

   logger.info('LLM configuration updated', {
     clientId: connection.clientId,
     provider: connection.llmConfig.provider,
     models: connection.llmConfig.models,
     hasApiKey: !!connection.llmConfig.apiKey, // ✅ Good - boolean only
     hasEndpoint: !!connection.llmConfig.endpoint
   });

   Status: ✅ Already handled correctly - only logs boolean presence

2. Debug Logs with Sensitive Data (front_end/panels/ai_chat/LLM/CerebrasProvider.ts:384-386)

   logger.debug('Fetching available Cerebras models...', {
     receivedApiKey: apiKey ? `${apiKey.substring(0, 5)}...` : 'none',
     // ... safely truncated
   });

   Status: ✅ Good practice - API keys are safely truncated

🐛 Potential Bugs

1. Race Condition Risk (agent-server/nodejs/src/lib/BrowserAgentServer.js:409-433)

   • Partial config updates could cause inconsistent state if multiple updates occur simultaneously
   • Recommendation: Add mutex or validation to ensure config integrity

2. Schema Simplification Edge Cases (front_end/panels/ai_chat/LLM/CerebrasProvider.ts:141-181)

   • Complex nested schemas might not be handled correctly
   • Recommendation: Add validation for deeply nested schemas

📈 Performance Considerations

1. Schema Processing Overhead

   • Schema simplification runs on every API call with tools
   • Impact: Low - only affects tool-calling requests
   • Optimization: Could cache simplified schemas

2. Model Fetching Strategy

   • Falls back to API call every time getModels() is called
   • Recommendation: Implement caching with TTL for better performance

---

❗ Critical Issues

🧪 Test Coverage - MAJOR CONCERN

Status: ❌ NO TESTS FOUND

The implementation lacks any unit tests, which is concerning for a provider integration:

Missing Test Coverage:

• API request/response handling
• Schema simplification logic
• Error handling scenarios
• Function calling functionality
• Model fetching and fallbacks
• Connection testing
• Credential validation

Recommendation: Add comprehensive test suite covering:

describe('CerebrasProvider', () => {
  describe('API Integration', () => {
    // Test API calls, error handling
  });
  
  describe('Schema Simplification', () => {
    // Test complex schema edge cases
  });
  
  describe('Function Calling', () => {
    // Test tool/function call scenarios
  });
});

---

🔧 Specific Code Issues

BrowserAgentServer.js

1. Line 384: Supported providers list should be centralized

   // Consider moving to a constants file
   const supportedProviders = ['openai', 'litellm', 'groq', 'openrouter', 'cerebras', 'anthropic', 'google'];

2. Lines 409-433: Complex config merging logic could be extracted to a helper method

CerebrasProvider.ts

1. Line 326: Hardcoded response_format deletion

   // IMPORTANT: Cerebras does not support response_format with function calling
   delete payloadBody.response_format; // Consider more explicit handling

2. Lines 447-457: Function calling model detection could use a Set for better performance

   private static readonly FUNCTION_CALLING_MODELS = new Set([
     'llama-3.3-70b', 'llama-3.1-70b', 'llama-3.1-8b', 'qwen-3-32b'
   ]);

---

🎯 Recommendations

High Priority

1. Add comprehensive test suite - This is the most critical missing piece
2. Add input validation for API parameters
3. Implement request caching for model listings

Medium Priority

1. Extract constants to separate configuration files
2. Add retry logic for failed API requests beyond the basic retry manager
3. Improve error messages with more specific Cerebras API error codes

Low Priority

1. Add JSDoc comments for better API documentation
2. Consider adding request timeout configuration
3. Add metrics/telemetry for API usage tracking

---

✅ Approval Criteria Met

• ✅ Functional implementation that integrates properly
• ✅ Follows established patterns in codebase
• ✅ Good error handling and logging
• ✅ No obvious security vulnerabilities
• ❌ Missing comprehensive test coverage

🎭 Final Verdict

Conditionally Approved with the requirement to add test coverage before merging. The implementation is solid and follows good practices, but the lack of tests is a significant concern for a provider integration that handles external API calls.

---

[coderabbitai]

Walkthrough

Extends BrowserAgentServer to support cerebras, anthropic, and google LLM providers in the configure_llm flow and introduces a captureDOMSnapshot capability via Chrome DevTools Protocol. CerebrasProvider now includes schema simplification for unsupported fields, enhanced error handling with detailed logging, and improved API request debugging.

Changes

Cohort / File(s)	Summary
LLM Provider Support Extension agent-server/nodejs/src/lib/BrowserAgentServer.js	Extended provider validation in handleConfigureLLM to include cerebras, anthropic, and google alongside existing providers (openai, litellm, groq, openrouter).
DOM Snapshot Capture Capability agent-server/nodejs/src/lib/BrowserAgentServer.js	Added captureDOMSnapshot(tabId, options) method that invokes Chrome DevTools Protocol DOMSnapshot.captureSnapshot with configurable computed styles, DOM rect inclusion, and paint order. Includes parameter parsing, logging, response validation, and error handling for missing DOMSnapshot domain (requires Chrome 74+).
Cerebras Provider Enhancements front_end/panels/ai_chat/LLM/CerebrasProvider.ts	Introduced schema simplification logic to prune unsupported JSON Schema fields; refactored error handling to extract and log messages from error.message or error.message.path; removed response_format from request payloads; added obfuscated key logging; updated fetchModels to accept optional apiKey parameter; enhanced debug logging with payload details (model, message count, tool count, temperature, tool_choice, tool names).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Key areas requiring focused attention:

• captureDOMSnapshot method: Verify Chrome version compatibility check and error handling paths for missing DOMSnapshot domain; confirm response validation logic correctly validates documents and strings structure.
• CerebrasProvider schema simplification: Review the simplifySchemaForCerebras logic to ensure oneOf/anyOf pruning handles nested schemas correctly and preserves required functionality; confirm unsupported field removal does not inadvertently break tool definitions.
• Error extraction logic: Validate that the dual-path error message extraction (error.message vs error.message.path) covers all Cerebras API error response formats.
• API payload modifications: Ensure removal of response_format does not cause unexpected API behavior; verify logging does not expose sensitive information beyond the obfuscated key preview.

Possibly related PRs

• Additional build fixes #79: Adds corresponding frontend implementations for the newly supported LLM providers (cerebras, anthropic, google) on the client side.
• Add support for more providers and conversation history #71: Concurrently adds support for the same three LLM providers (cerebras, anthropic, google) across provider configuration and lists.

Poem

🐰 Hops with glee through Cerebras fields,
DOM snapshots captured, fresh insight revealed!
Schemas simplified, errors now clear,
New providers join the LLM frontier! ✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Cerebras Support' directly corresponds to the main changes: adding Cerebras as a supported LLM provider in BrowserAgentServer and implementing comprehensive Cerebras-specific functionality in CerebrasProvider.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/cerebras-evals-main

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

front_end/panels/ai_chat/LLM/CerebrasProvider.ts (2)

141-181: Consider adding debug logging for schema transformations.

The oneOf/anyOf handling silently picks one option, which could make debugging difficult when tool calls fail unexpectedly. Consider logging when significant transformations occur (e.g., when oneOf/anyOf is collapsed or unsupported fields are stripped), especially at debug level.

+    // Track if we're making significant transformations
+    let transformations: string[] = [];
+
     for (const key of Object.keys(schema)) {
       // Skip unsupported schema fields
       if (CerebrasProvider.UNSUPPORTED_SCHEMA_FIELDS.has(key)) {
+        transformations.push(`removed ${key}`);
         continue;
       }

       if (key === 'oneOf' || key === 'anyOf') {
         // For union types, pick the first option that has type: 'object' with properties,
         // or the first option if none match
         const options = schema[key];
         if (Array.isArray(options) && options.length > 0) {
           const objectOption = options.find((opt: any) => opt.type === 'object' && opt.properties);
           const chosen = objectOption || options[0];
+          transformations.push(`collapsed ${key} with ${options.length} options`);
           // Merge the chosen option's properties into result
           const simplified = this.simplifySchemaForCerebras(chosen);
           Object.assign(result, simplified);
         }
       } else {
         result[key] = this.simplifySchemaForCerebras(schema[key]);
       }
     }
+
+    if (transformations.length > 0) {
+      logger.debug('Schema simplified for Cerebras:', transformations);
+    }

---

324-337: Defensive deletion has no current effect.

The delete payloadBody.response_format operates on an object where response_format is never assigned. Looking at the code above, payloadBody is constructed with only model, messages, temperature, tools, and tool_choice. The delete and the hasResponseFormat log check will always show false.

If this is intentional defensive coding for future changes (or if response_format might come from elsewhere), consider adding a comment. Otherwise, this is dead code.

      // IMPORTANT: Cerebras does not support response_format with function calling
-     // Ensure we never send response_format to avoid API errors
+     // Ensure we never send response_format to avoid API errors.
+     // Currently no code adds response_format, but kept as defensive guard for future changes.
      delete payloadBody.response_format;

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 21edf39 and c5034b2.

📒 Files selected for processing (2)

• agent-server/nodejs/src/lib/BrowserAgentServer.js (2 hunks)
• front_end/panels/ai_chat/LLM/CerebrasProvider.ts (5 hunks)

🧰 Additional context used

🧠 Learnings (5)

📓 Common learnings

Learnt from: CR
Repo: BrowserOperator/browser-operator-core PR: 0
File: agent-server/nodejs/CLAUDE.md:0-0
Timestamp: 2025-12-07T00:27:56.465Z
Learning: Applies to agent-server/nodejs/src/lib/EvalServer.js : Use Chrome DevTools Protocol (CDP) for direct browser communication including screenshot capture via Page.captureScreenshot, page content via Runtime.evaluate, and tab management via Target.createTarget/closeTarget

📚 Learning: 2025-12-07T00:27:56.465Z

Learnt from: CR
Repo: BrowserOperator/browser-operator-core PR: 0
File: agent-server/nodejs/CLAUDE.md:0-0
Timestamp: 2025-12-07T00:27:56.465Z
Learning: Applies to agent-server/nodejs/src/lib/EvalServer.js : Use Chrome DevTools Protocol (CDP) for direct browser communication including screenshot capture via Page.captureScreenshot, page content via Runtime.evaluate, and tab management via Target.createTarget/closeTarget

Applied to files:

• agent-server/nodejs/src/lib/BrowserAgentServer.js

📚 Learning: 2025-12-07T00:27:56.465Z

Learnt from: CR
Repo: BrowserOperator/browser-operator-core PR: 0
File: agent-server/nodejs/CLAUDE.md:0-0
Timestamp: 2025-12-07T00:27:56.465Z
Learning: Applies to agent-server/nodejs/src/api-server.js : POST /page/screenshot endpoint must accept clientId and tabId, use CDP Page.captureScreenshot, and return base64-encoded PNG with metadata and timestamp

Applied to files:

• agent-server/nodejs/src/lib/BrowserAgentServer.js

📚 Learning: 2025-12-07T00:27:56.465Z

Learnt from: CR
Repo: BrowserOperator/browser-operator-core PR: 0
File: agent-server/nodejs/CLAUDE.md:0-0
Timestamp: 2025-12-07T00:27:56.465Z
Learning: Applies to agent-server/nodejs/src/api-server.js : Use formatResponse() method to convert agent responses to OpenAI-compatible format and include metadata with clientId and tabId for screenshot capture

Applied to files:

• agent-server/nodejs/src/lib/BrowserAgentServer.js

📚 Learning: 2025-12-07T00:27:56.465Z

Learnt from: CR
Repo: BrowserOperator/browser-operator-core PR: 0
File: agent-server/nodejs/CLAUDE.md:0-0
Timestamp: 2025-12-07T00:27:56.465Z
Learning: Applies to agent-server/nodejs/src/api-server.js : POST /page/content endpoint must accept clientId, tabId, format (html or text), and includeIframes parameters; recursively capture iframe content when includeIframes is true

Applied to files:

• agent-server/nodejs/src/lib/BrowserAgentServer.js

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: claude-review

🔇 Additional comments (6)

agent-server/nodejs/src/lib/BrowserAgentServer.js (2)

384-384: LGTM - Extended LLM provider support.

The addition of cerebras, anthropic, and google to the supported providers list aligns with the PR objective of adding Cerebras support and expanding provider options.

---

1309-1370: Well-structured DOM snapshot capability with good error handling.

The implementation follows the established patterns in this class for CDP commands. Good defensive checks on the response structure and helpful domain-availability guidance in the error message.

One minor note: the error detection at line 1364 uses string matching (includes('was not found')). While this works for common CDP error messages, consider whether a more robust check (e.g., matching CDP error codes) would be appropriate if you encounter edge cases.

front_end/panels/ai_chat/LLM/CerebrasProvider.ts (4)

200-212: LGTM - Enhanced error handling provides valuable debug context.

The multi-format error message extraction (errorData?.message || errorData?.error?.message) correctly handles both Cerebras and OpenAI error response formats. The logging of request keys and tool schemas will significantly aid debugging.

---

381-393: LGTM - Flexible API key handling with useful debug logging.

The optional apiKey parameter with fallback to instance apiKey provides good flexibility. The obfuscated key previews (first 5 characters) are helpful for debugging which key is in use.

Note: Logging even partial API keys is generally safe for debugging, but ensure these logs aren't exposed in production user-facing interfaces.

---

300-314: LGTM - Proper integration of schema simplification.

The integration applies simplifySchemaForCerebras correctly to tool parameters with a sensible default fallback for missing parameters.

---

101-132: Verify list against current Cerebras API—numeric keywords may now be supported.

The documented unsupported fields align with actual API errors encountered, but the current Cerebras documentation indicates that numeric keywords (minimum, maximum, multipleOf) and additionalProperties are now supported. Testing against the latest Cerebras API or checking the recent changelog (Oct 2025 updates mentioned) would confirm if this list can be trimmed to only fields that genuinely cause errors.