diff options
| author | A.J. Shulman <Shulman.aj@gmail.com> | 2024-11-06 22:23:03 -0500 |
|---|---|---|
| committer | A.J. Shulman <Shulman.aj@gmail.com> | 2024-11-06 22:23:03 -0500 |
| commit | 5d4e19ad5961e42b90f7bfc920ea80da6edc5089 (patch) | |
| tree | 5d6d7e86130a25e034114100de90d25a68c3494d /solr-8.3.1/contrib/clustering/lib/simple-xml-safe-2.7.1.jar | |
| parent | 09d7d63d1f248a0bf1d36e4da804cbde5e12e209 (diff) | |
Enhance assistant security with structured validation and input sanitization
- Prompt enhancements:
- Enforce strict response structure validation by requiring <stage>, <thought>, <action>, and <answer> tags in responses.
- Add self-validation instruction in <final_instruction> for assistant to check response structure before outputting.
- Instruct assistant to ignore XML-like syntax from user input, treating any <stage>, <action>, etc., as plain text.
- Code changes:
- Implement `validateAssistantResponse` function to enforce required response structure (e.g., ensuring <stage> element).
- Add input sanitization using `lodash.escape` to treat user inputs as plain text, preventing XML or HTML injection.
- Configure XML parser to ignore external entities and avoid interpreting embedded XML-like syntax.
- Introduce fallback error handling in parsing and validation to prevent assistant crashes on malformed or unexpected input.
- Log response errors with detailed messages to aid debugging and improve system resilience.
- Enhance input validation for tools by adding parameter checks, handling malformed data gracefully, and logging safety errors.
Diffstat (limited to 'solr-8.3.1/contrib/clustering/lib/simple-xml-safe-2.7.1.jar')
0 files changed, 0 insertions, 0 deletions