Skip to main content

InjectionPatternVerifier

zeph_tools::verifier

Struct InjectionPatternVerifier 

Source 
pub struct InjectionPatternVerifier { /* private fields */ }
Expand description

Verifier that blocks tool arguments containing SQL injection, command injection, or path traversal patterns. Applies to ALL tools using field-aware matching.

§Field-aware matching

Rather than serialising all args to a flat string (which causes false positives), this verifier iterates over each string-valued field and applies pattern categories based on field semantics:

  • SAFE_QUERY_FIELDS (query, q, search, text, …): injection patterns are skipped — these fields contain user-provided text and generate too many false positives for SQL/command discussions in chat.
  • URL_FIELD_NAMES (url, endpoint, uri, …): SSRF patterns are applied.
  • All other string fields: injection + path traversal patterns are applied.

§Warn semantics

VerificationResult::Warn is metrics-only — the tool call proceeds, a WARN log entry is emitted, and the TUI security panel counter increments. The LLM does not see the warning in its tool result.

Implementations§

Trait Implementations§

Source§

impl Debug for InjectionPatternVerifier

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl PreExecutionVerifier for InjectionPatternVerifier

Source§

fn name(&self) -> &'static str

Human-readable name for logging and TUI display.
Source§

fn verify(&self, _tool_name: &str, args: &Value) -> VerificationResult

Verify whether a tool call should proceed.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more