feat(security): add sensitive data filtering for tool results sent to LLM

Prevent LLM from seeing its own credentials (API keys, tokens, secrets) by filtering sensitive values from tool call results before sending to the model. Values are collected from .security.yml and replaced with [FILTERED] using an efficient strings.Replacer (O(n+m)).

- Add FilterSensitiveData and FilterMinLength to ToolsConfig
- Implement SensitiveDataReplacer() with sync.Once caching in SecurityConfig
- Use reflection to collect all sensitive values (Model API keys, channel tokens, web tool API keys, skills tokens)
- Apply filtering in agent loop at 4 tool result locations
- Add comprehensive tests covering all token types
uiyzzi
2026-03-23 20:55:41 +08:00
parent 96e312680d
commit 16d23d8cdc
12 changed files with 599 additions and 5 deletions
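The commit message describes the redaction mechanism (collect secrets, skip values below FilterMinLength, build one strings.Replacer under sync.Once, substitute [FILTERED]). The following is an added illustration of that design and not code from this commit or the PicoClaw project; SensitiveFilter, its fields and the sample secrets are assumptions constructed here.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
	"sync"
)

// Marker substituted for every sensitive value found in a tool result.
const filteredMarker = "[FILTERED]"
// SensitiveFilter is a hypothetical stand-in for the commit's cached replacer.
type SensitiveFilter struct {
	values    []string // secrets gathered from configuration (constructed here)
	minLength int      // plays the role of FilterMinLength
	once      sync.Once
	replacer  *strings.Replacer
}

// build runs once: skip empty or too-short values so trivial strings are not redacted
// everywhere, and list longer values first so a secret prefixed by another is replaced whole.
func (f *SensitiveFilter) build() {
	seen := make(map[string]bool)
	var keep []string
	for _, v := range f.values {
		if v == "" || len(v) < f.minLength || seen[v] {
			continue
		}
		seen[v] = true
		keep = append(keep, v)
	}
	sort.SliceStable(keep, func(i, j int) bool { return len(keep[i]) > len(keep[j]) })
	pairs := make([]string, 0, 2*len(keep))
	for _, v := range keep {
		pairs = append(pairs, v, filteredMarker)
	}
	f.replacer = strings.NewReplacer(pairs...)
}

// Filter redacts every configured secret from a tool result before it reaches the model.
func (f *SensitiveFilter) Filter(toolResult string) string {
	f.once.Do(f.build)
	return f.replacer.Replace(toolResult)
}

func main() {
	// Constructed sample secrets and tool output; not real credentials.
	f := &SensitiveFilter{values: []string{"sk-test-ABCDEF123456", "ab"}, minLength: 8}
	fmt.Println(f.Filter(`{"error":"401 for key sk-test-ABCDEF123456 ab"}`))
}
```

The minimum-length check matters: a two-character secret like "ab" would otherwise be redacted inside ordinary words, and ordering longer secrets first keeps strings.Replacer from leaving the tail of a longer key exposed.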
@@ -623,6 +623,7 @@ PicoClaw 通过 `cron` 工具支持 cron 风格的定时任务。Agent 可以设
| 主题 | 说明 |
| ---- | ---- |
| [敏感数据过滤](../sensitive_data_filtering.md) | 在发送给 LLM 前,从工具结果中过滤 API 密钥和令牌 |
| [Hook 系统](../hooks/README.zh.md) | 事件驱动 Hook:观察者、拦截器、审批 Hook |
| [Steering](../steering.md) | 在工具调用间向运行中的 Agent 注入消息 |
| [SubTurn](../subturn.md) | 子 Agent 协调、并发控制、生命周期管理 |
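Review bot: the new row links to `../sensitive_data_filtering.md` while the neighbouring Hook row in this Chinese table links to a localized `../hooks/README.zh.md`; confirm that an English-only target is intended here, or point the row at a `.zh.md` counterpart once one exists, so the zh-CN table stays consistent.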