Skip to main content

ToolOutputSanitizer

llmtrace_security::tool_firewall

Struct ToolOutputSanitizer 

Source 
pub struct ToolOutputSanitizer { /* private fields */ }
Expand description

Removes malicious content from tool responses before they reach the agent.

This is the most critical component — tools can return content from external sources (web pages, emails, database results) that may contain prompt injection attacks targeting the agent.

Implementations§

Source§

impl ToolOutputSanitizer

Source

pub fn new() -> Self

Create a new output sanitizer with default patterns and settings.

Default maximum output length is 50,000 characters. HTML stripping is enabled by default.

Source

pub fn with_strip_html(self, strip: bool) -> Self

Set whether HTML/script tags should be stripped.

Source

pub fn with_max_output_length(self, max: usize) -> Self

Set the maximum output length (in characters).

Source

pub fn sanitize( &self, output: &str, _tool_context: &ToolContext, ) -> SanitizeResult

Sanitize tool output by removing malicious content.

Returns a SanitizeResult containing the cleaned text, detections, and the worst severity found.

Trait Implementations§

Source§

impl Debug for ToolOutputSanitizer

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for ToolOutputSanitizer

Source§

fn default() -> Self

Returns the “default value” for a type. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V