03bec49299
Adds sanitization to extractAssistantText in sessions-helpers.ts to prevent tool call text from leaking to users. Previously, messages retrieved from chat history via sessions-helpers.ts could expose: - Minimax XML tool calls (<invoke>...</invoke>) - Downgraded tool call markers ([Tool Call: name (ID: ...)]) - Thinking tags (<think>...</think>) This fix: - Exports the stripping functions from pi-embedded-utils.ts - Adds a new sanitizeTextContent helper in sessions-helpers.ts - Updates extractAssistantText to sanitize before returning - Updates extractMessageText in commands-subagents.ts to sanitize Fixes #1269 Co-Authored-By: Claude <noreply@anthropic.com>
138 lines
4.4 KiB
TypeScript
138 lines
4.4 KiB
TypeScript
import type { ClawdbotConfig } from "../../config/config.js";
|
|
import { sanitizeUserFacingText } from "../pi-embedded-helpers.js";
|
|
import {
|
|
stripDowngradedToolCallText,
|
|
stripMinimaxToolCallXml,
|
|
stripThinkingTagsFromText,
|
|
} from "../pi-embedded-utils.js";
|
|
import { normalizeMainKey } from "../../routing/session-key.js";
|
|
|
|
export type SessionKind = "main" | "group" | "cron" | "hook" | "node" | "other";
|
|
|
|
export type SessionListDeliveryContext = {
|
|
channel?: string;
|
|
to?: string;
|
|
accountId?: string;
|
|
};
|
|
|
|
export type SessionListRow = {
|
|
key: string;
|
|
kind: SessionKind;
|
|
channel: string;
|
|
label?: string;
|
|
displayName?: string;
|
|
deliveryContext?: SessionListDeliveryContext;
|
|
updatedAt?: number | null;
|
|
sessionId?: string;
|
|
model?: string;
|
|
contextTokens?: number | null;
|
|
totalTokens?: number | null;
|
|
thinkingLevel?: string;
|
|
verboseLevel?: string;
|
|
systemSent?: boolean;
|
|
abortedLastRun?: boolean;
|
|
sendPolicy?: string;
|
|
lastChannel?: string;
|
|
lastTo?: string;
|
|
lastAccountId?: string;
|
|
transcriptPath?: string;
|
|
messages?: unknown[];
|
|
};
|
|
|
|
function normalizeKey(value?: string) {
|
|
const trimmed = value?.trim();
|
|
return trimmed ? trimmed : undefined;
|
|
}
|
|
|
|
export function resolveMainSessionAlias(cfg: ClawdbotConfig) {
|
|
const mainKey = normalizeMainKey(cfg.session?.mainKey);
|
|
const scope = cfg.session?.scope ?? "per-sender";
|
|
const alias = scope === "global" ? "global" : mainKey;
|
|
return { mainKey, alias, scope };
|
|
}
|
|
|
|
export function resolveDisplaySessionKey(params: { key: string; alias: string; mainKey: string }) {
|
|
if (params.key === params.alias) return "main";
|
|
if (params.key === params.mainKey) return "main";
|
|
return params.key;
|
|
}
|
|
|
|
export function resolveInternalSessionKey(params: { key: string; alias: string; mainKey: string }) {
|
|
if (params.key === "main") return params.alias;
|
|
return params.key;
|
|
}
|
|
|
|
export function classifySessionKind(params: {
|
|
key: string;
|
|
gatewayKind?: string | null;
|
|
alias: string;
|
|
mainKey: string;
|
|
}): SessionKind {
|
|
const key = params.key;
|
|
if (key === params.alias || key === params.mainKey) return "main";
|
|
if (key.startsWith("cron:")) return "cron";
|
|
if (key.startsWith("hook:")) return "hook";
|
|
if (key.startsWith("node-") || key.startsWith("node:")) return "node";
|
|
if (params.gatewayKind === "group") return "group";
|
|
if (key.includes(":group:") || key.includes(":channel:")) {
|
|
return "group";
|
|
}
|
|
return "other";
|
|
}
|
|
|
|
export function deriveChannel(params: {
|
|
key: string;
|
|
kind: SessionKind;
|
|
channel?: string | null;
|
|
lastChannel?: string | null;
|
|
}): string {
|
|
if (params.kind === "cron" || params.kind === "hook" || params.kind === "node") return "internal";
|
|
const channel = normalizeKey(params.channel ?? undefined);
|
|
if (channel) return channel;
|
|
const lastChannel = normalizeKey(params.lastChannel ?? undefined);
|
|
if (lastChannel) return lastChannel;
|
|
const parts = params.key.split(":").filter(Boolean);
|
|
if (parts.length >= 3 && (parts[1] === "group" || parts[1] === "channel")) {
|
|
return parts[0];
|
|
}
|
|
return "unknown";
|
|
}
|
|
|
|
export function stripToolMessages(messages: unknown[]): unknown[] {
|
|
return messages.filter((msg) => {
|
|
if (!msg || typeof msg !== "object") return true;
|
|
const role = (msg as { role?: unknown }).role;
|
|
return role !== "toolResult";
|
|
});
|
|
}
|
|
|
|
/**
|
|
* Sanitize text content to strip tool call markers and thinking tags.
|
|
* This ensures user-facing text doesn't leak internal tool representations.
|
|
*/
|
|
export function sanitizeTextContent(text: string): string {
|
|
return stripThinkingTagsFromText(
|
|
stripDowngradedToolCallText(stripMinimaxToolCallXml(text)),
|
|
).trim();
|
|
}
|
|
|
|
export function extractAssistantText(message: unknown): string | undefined {
|
|
if (!message || typeof message !== "object") return undefined;
|
|
if ((message as { role?: unknown }).role !== "assistant") return undefined;
|
|
const content = (message as { content?: unknown }).content;
|
|
if (!Array.isArray(content)) return undefined;
|
|
const chunks: string[] = [];
|
|
for (const block of content) {
|
|
if (!block || typeof block !== "object") continue;
|
|
if ((block as { type?: unknown }).type !== "text") continue;
|
|
const text = (block as { text?: unknown }).text;
|
|
if (typeof text === "string") {
|
|
const sanitized = sanitizeTextContent(text);
|
|
if (sanitized) {
|
|
chunks.push(sanitized);
|
|
}
|
|
}
|
|
}
|
|
const joined = chunks.join("\n").trim();
|
|
return joined ? sanitizeUserFacingText(joined) : undefined;
|
|
}
|