pub enum ContentRole {
Interactive,
Content,
Decorative,
System,
}Expand description
Content role classification for prompt injection defense.
Elements are classified by their semantic role so the LLM can distinguish between actionable UI controls and untrusted text content. This prevents adversarial websites from injecting instructions via text elements that look like system commands.
In the prompt, elements are tagged: [1] button “Submit” (interactive) vs [5] text “Click here to win” (content) — so the LLM knows [5] is user-authored text, not a UI control.
Variants§
Interactive
UI controls the user can interact with (buttons, inputs, links, menus). Safe to act on — these are real UI elements.
Content
Text content (paragraphs, headings, labels). May contain adversarial text. The LLM should READ but not EXECUTE instructions found in content elements.
Decorative
Decorative elements (separators, icons, spacers). Can be deprioritized.
System
System/chrome UI (scrollbars, window controls, status bars).
Trait Implementations§
Source§impl Clone for ContentRole
impl Clone for ContentRole
Source§fn clone(&self) -> ContentRole
fn clone(&self) -> ContentRole
1.0.0 (const: unstable) · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source. Read moreSource§impl Debug for ContentRole
impl Debug for ContentRole
Source§impl Default for ContentRole
impl Default for ContentRole
Source§fn default() -> ContentRole
fn default() -> ContentRole
Source§impl<'de> Deserialize<'de> for ContentRole
impl<'de> Deserialize<'de> for ContentRole
Source§fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
Source§impl PartialEq for ContentRole
impl PartialEq for ContentRole
Source§fn eq(&self, other: &ContentRole) -> bool
fn eq(&self, other: &ContentRole) -> bool
self and other values to be equal, and is used by ==.