✨ feat: use remote endpoints as default when using remote mode

[Marco Russo (marcorusso97)]

Summary

This PR introduces mode-aware role defaults for attack configurations in the orchestrator.

When HackAgent is initialized in remote mode, attack role defaults are now resolved from a remote profile.
When running in local mode, role defaults are resolved from a local profile.

The spreadsheet is still descriptive only and is not used at runtime.

What changed

1. Added centralized role mapping

A single attack-to-role map is now used to define which attack roles should receive defaults, and it consists of an additional field in the already existing _ATTACK_MODEL_ROLE_PATHS. This field establishes, for each attack, whether each role should be performed either by the attacker or by the judge model. For instance, in AutoDan-Turbo, "attacker" and "summarizer" are both performed by the attacker model.

This replaces the previous naming that implied remote-only behavior.

2. Added mode detection from backend context

The orchestrator now determines mode by checking whether a backend API key is available:

• If API key exists and is non-empty -> remote mode
• Otherwise -> local mode

3. Added explicit remote role defaults

Introduced _remote_role_defaults(api_key), with:

• attacker:
  • endpoint: https://api.hackagent.dev/v1
  • agent_type: OPENAI_SDK
  • identifier: hackagent-attacker
  • api_key: backend key (fallback if not overridden)
• judge:
  • endpoint: https://api.hackagent.dev/v1
  • agent_type: OPENAI_SDK
  • identifier: hackagent-judge
  • type: harmbench_variant
  • api_key: backend key (fallback if not overridden)

4. Added explicit local role defaults

Introduced _local_role_defaults(), aligned with the updated attack_roles sheet:

• attacker:
  • endpoint: http://localhost:11434
  • agent_type: OLLAMA
  • identifier: gemma3:4b
  • api_key: None
• judge:
  • endpoint: http://localhost:11434
  • agent_type: OLLAMA
  • identifier: gemma3:4b
  • type: harmbench_variant
  • api_key: None

5. Added mode-based config normalization before execution

Introduced _apply_mode_based_role_defaults(attack_config), called at the beginning of execute().

Behavior:

• Applies role defaults based on detected mode
• Fills only missing keys
• Preserves explicit user overrides
• Keeps judge and judges structures consistent

6. Fixed evaluator warning for auto-injected judges

By ensuring a default judge type is present in injected role defaults, we avoid warnings like:

• Unknown or missing judge type for: {...}

Tests

Added and updated orchestrator unit tests to cover:

• Remote mode default injection
• Local mode default injection
• Preservation of explicit overrides
• Filling of missing role fields

Impact

• No changes required for users providing full explicit attack role config
• Improved default behavior for users relying on implicit role defaults
• Consistent and predictable behavior between remote and local mode

[codecov]

Codecov Report

❌ Patch coverage is 93.93939% with 4 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
hackagent/attacks/orchestrator.py	93.93%	4 Missing ⚠️

📢 Thoughts on this report? Let us know!

[Nicola Franco (franconicola)]

LGTM