vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-05 18:20:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
90ef2d6bdf0715dd9e1ef2751390e4d76d22443a
openclaw/src/agents/sanitize-for-prompt.ts
Peter Steinberger 6254e96acf fix(security): harden prompt path sanitization
2026-02-16 02:53:40 +01:00

19 lines
801 B
TypeScript
Raw Blame History

/**
* Sanitize untrusted strings before embedding them into an LLM prompt.
*
* Threat model (OC-19): attacker-controlled directory names (or other runtime strings)
* that contain newline/control characters can break prompt structure and inject
* arbitrary instructions.
*
* Strategy (Option 3 hardening):
* - Strip Unicode "control" (Cc) + "format" (Cf) characters (includes CR/LF/NUL, bidi marks, zero-width chars).
* - Strip explicit line/paragraph separators (Zl/Zp): U+2028/U+2029.
*
* Notes:
* - This is intentionally lossy; it trades edge-case path fidelity for prompt integrity.
* - If you need lossless representation, escape instead of stripping.
*/
export function sanitizeForPromptLiteral(value: string): string {
return value.replace(/[\p{Cc}\p{Cf}\u2028\u2029]/gu, "");
}
Reference in New Issue View Git Blame Copy Permalink