Improve anti-injection detection logging and text extraction
Added detailed debug logs for text extraction and LLM detection input in the anti-injector module. Refactored message processing to only use user-added content for detection, avoiding duplicate text. Fixed import paths for command_skip_list in plugin manager and anti_injector_manager to reflect new module structure.
@@ -81,9 +81,9 @@ class AntiPromptInjector:
|
||||
if whitelist_result is not None:
|
||||
return ProcessResult.ALLOWED, None, whitelist_result[2]
|
||||
|
||||
# 4. 命令跳过列表检测
|
||||
message_text = self.message_processor.extract_text_content(message)
|
||||
should_skip, skip_reason = should_skip_injection_detection(message_text)
|
||||
# 4. 命令跳过列表检测 & 内容提取
|
||||
text_to_detect = self.message_processor.extract_text_content(message)
|
||||
should_skip, skip_reason = should_skip_injection_detection(text_to_detect)
|
||||
if should_skip:
|
||||
logger.debug(f"消息匹配跳过列表,跳过反注入检测: {skip_reason}")
|
||||
return ProcessResult.ALLOWED, None, f"命令跳过检测 - {skip_reason}"
|
||||
@@ -91,6 +91,7 @@ class AntiPromptInjector:
|
||||
# 5. 内容检测
|
||||
# 提取用户新增内容(去除引用部分)
|
||||
text_to_detect = self.message_processor.extract_text_content(message)
|
||||
logger.debug(f"提取的检测文本: '{text_to_detect}' (长度: {len(text_to_detect)})")
|
||||
|
||||
# 如果是纯引用消息,直接允许通过
|
||||
if text_to_detect == "[纯引用消息]":
|
||||
|
||||
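Review bot: The added `logger.debug` on the extracted text writes the sender's message into the log verbatim, and the same pattern is added in the LLM-detection hunk (`LLM检测输入消息`) and twice in the `MessageProcessor` hunk. This text is untrusted by definition at this point, so embedded newlines or control characters can forge log lines, and full chat content ends up in any debug log that is shipped or shared. An escaped, bounded form keeps the diagnostic value: `logger.debug(f"提取的检测文本: {text_to_detect[:200]!r} (长度: {len(text_to_detect)})")`. Separately, the first hunk appears to bind `text_to_detect` from `extract_text_content(message)` already, so the second call kept under step 5 looks redundant. Both hunks sit inside a method whose start and end are outside the view.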
@@ -153,6 +153,9 @@ class PromptInjectionDetector:
|
||||
"""基于LLM的检测"""
|
||||
start_time = time.time()
|
||||
|
||||
# 添加调试日志
|
||||
logger.debug(f"LLM检测输入消息: '{message}' (长度: {len(message)})")
|
||||
|
||||
try:
|
||||
# 获取可用的模型配置
|
||||
models = llm_api.get_available_models()
|
||||
|
||||
@@ -32,17 +32,14 @@ class MessageProcessor:
|
||||
"""
|
||||
# 主要检测处理后的纯文本
|
||||
processed_text = message.processed_plain_text
|
||||
logger.debug(f"原始processed_plain_text: '{processed_text}'")
|
||||
|
||||
# 检查是否包含引用消息
|
||||
# 检查是否包含引用消息,提取用户新增内容
|
||||
new_content = self.extract_new_content_from_reply(processed_text)
|
||||
text_parts = [new_content]
|
||||
logger.debug(f"提取的新内容: '{new_content}'")
|
||||
|
||||
# 如果有原始消息,也加入检测
|
||||
if hasattr(message, 'raw_message') and message.raw_message:
|
||||
text_parts.append(str(message.raw_message))
|
||||
|
||||
# 合并所有文本内容
|
||||
return " ".join(filter(None, text_parts))
|
||||
# 只返回用户新增的内容,避免重复
|
||||
return new_content
|
||||
|
||||
def extract_new_content_from_reply(self, full_text: str) -> str:
|
||||
"""从包含引用的完整消息中提取用户新增的内容
|
||||
|
||||
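Review bot: Returning only `new_content` means the quoted part of a reply and `message.raw_message` are no longer scanned at all, and nothing in the hunk records that this is intentional. If the prompt later built for the model still carries the quoted text or raw segments (not visible here), the detector and the model see different inputs, which is a coverage gap rather than plain de-duplication. I would state the assumption next to the return, e.g. `# Only the user's new text is scanned; quoted text and raw_message must not reach the prompt unscanned`, or run the quoted part through detection separately. The method starts above the hunk, so its signature and the start of its docstring are not visible.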
@@ -13,6 +13,9 @@ from src.plugin_system.base.plugin_base import PluginBase
|
||||
from src.plugin_system.base.component_types import ComponentType
|
||||
from src.plugin_system.utils.manifest_utils import VersionComparator
|
||||
from .component_registry import component_registry
|
||||
import asyncio
|
||||
from src.chat.antipromptinjector.processors.command_skip_list import skip_list_manager
|
||||
|
||||
|
||||
logger = get_logger("plugin_manager")
|
||||
|
||||
@@ -595,10 +598,6 @@ class PluginManager:
|
||||
def _refresh_anti_injection_skip_list(self):
|
||||
"""插件加载完成后刷新反注入跳过列表"""
|
||||
try:
|
||||
import asyncio
|
||||
from src.chat.antipromptinjector.command_skip_list import skip_list_manager
|
||||
|
||||
# 如果当前在事件循环中,直接调用
|
||||
try:
|
||||
loop = asyncio.get_running_loop()
|
||||
# 在后台任务中执行刷新
|
||||
|
||||
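Review bot: Hoisting `skip_list_manager` to a module-level import makes the anti-injection package a hard import-time dependency of the plugin manager, where the removed lines appear to have imported it inside the `try` of `_refresh_anti_injection_skip_list`. If `src.chat.antipromptinjector` imports anything from `src.plugin_system` (likely, but not visible here), this can become a circular import, and an import failure now aborts loading the plugin manager instead of reaching whatever handler closes that `try`. Keeping the import local with the corrected path, `from src.chat.antipromptinjector.processors.command_skip_list import skip_list_manager`, fixes the path without changing the failure mode. `import asyncio` would also normally sit with the standard-library imports at the top of the file rather than after the project imports.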
@@ -11,7 +11,7 @@
|
||||
|
||||
from src.plugin_system.base import BaseCommand
|
||||
from src.chat.antipromptinjector import get_anti_injector
|
||||
from src.chat.antipromptinjector.command_skip_list import (
|
||||
from src.chat.antipromptinjector.processors.command_skip_list import (
|
||||
get_skip_patterns_info,
|
||||
skip_list_manager
|
||||
)
|
||||
|
||||