Expand description
LLM prompt template renderer.
Consumes a Diagnosis, never raw case data. Output is a fully-formed
prompt: a system role, a structured Evidence/Hypotheses/Unknowns block,
and explicit constraints that forbid the LLM from inventing facts.
The binary makes no network calls. This subcommand only renders the prompt; sending it to a model is the caller’s choice.
§Sanitization at the boundary
Free-text values inside Evidence (DNS error messages, validation error
strings, etc.) originate in log lines and HTTP response bodies. In a
production setting those are attacker-controllable. Before each
rendered evidence line is concatenated into the prompt, it is passed
through sanitize_for_prompt which replaces newlines with literal
\n, escapes backticks, strips other control characters, and caps the
line length. This neutralizes the structural injection vectors;
semantic attacks (e.g. a base64-encoded directive inside an evidence
string) remain a residual risk that the human review step in the
“Suggested usage” flow is responsible for catching. See
docs/llm_assisted_workflow.md.
Functions§
- render_
prompt - Render the prose form of the LLM prompt for a given diagnosis.
- render_
prompt_ json - JSON envelope variant of
render_prompt. - sanitize_
for_ prompt - Sanitize a rendered evidence line for inclusion in an LLM prompt.