lzh/picoclaw
1
0
Fork 0
mirror of https://github.com/sipeed/picoclaw.git synced 2026-06-12 18:08:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,412 Commits 12 Branches 15 Tags
b787131c82d34f907c5664f4e84df92cec936282
Commit Graph

7 Commits

Author SHA1 Message Date
uiyzzi 16d23d8cdc feat(security): add sensitive data filtering for tool results sent to 
LLM

Prevent LLM from seeing its own credentials (API keys, tokens, secrets)
by filtering sensitive values from tool call results before sending to
the
model. Values are collected from .security.yml and replaced with
[FILTERED] using an efficient strings.Replacer (O(n+m)).

- Add FilterSensitiveData and FilterMinLength to ToolsConfig
- Implement SensitiveDataReplacer() with sync.Once caching in
  SecurityConfig
- Use reflection to collect all sensitive values (Model API keys,
  channel
  tokens, web tool API keys, skills tokens)
- Apply filtering in agent loop at 4 tool result locations
- Add comprehensive tests covering all token types
 2026-03-23 20:55:41 +08:00
Cytown 5a8aab8143 Merge branch 'main' into version 2026-03-23 11:41:36 +08:00
Cytown 310f788f5f rename security.yml to .security.yml 2026-03-23 11:20:42 +08:00
Cytown 284ced1f5c Merge branch 'main' into version 2026-03-22 19:58:33 +08:00
Cytown 3dfe484f66 make yaml indent with 2 2026-03-22 11:07:22 +08:00
Cytown 7c854fe6d7 Merge branch 'main' into version 2026-03-22 02:53:55 +08:00
Cytown e455eb5e67 refactor: seperate security.yml for store keys 2026-03-22 01:55:00 +08:00