Add LLM anti-prompt injection system
Introduces a comprehensive anti-prompt injection system for LLMs, including rule-based and LLM-based detection, user ban/whitelist management, message shielding, and statistics tracking. Adds new modules under src/chat/antipromptinjector, integrates anti-injection checks into the message receive flow, updates configuration and database models, and provides test scripts. Also updates templates and logger aliases to support the new system.
This commit is contained in:
雅诺狐
@@ -1,5 +1,5 @@
|
||||
[inner]
|
||||
version = "6.3.6"
|
||||
version = "6.3.7"
|
||||
|
||||
#----以下是给开发人员阅读的,如果你只是部署了麦麦,不需要阅读----
|
||||
#如果你想要修改配置文件,请递增version的值
|
||||
@@ -160,6 +160,38 @@ ban_msgs_regex = [
|
||||
#"\\d{4}-\\d{2}-\\d{2}", # 匹配日期
|
||||
]
|
||||
|
||||
[anti_prompt_injection] # LLM反注入系统配置
|
||||
enabled = true # 是否启用反注入系统
|
||||
enabled_rules = false # 是否启用规则检测
|
||||
enabled_LLM = true # 是否启用LLM检测
|
||||
process_mode = "lenient" # 处理模式:strict(严格模式,直接丢弃), lenient(宽松模式,消息加盾)
|
||||
|
||||
# 白名单配置
|
||||
# 格式:[[platform, user_id], ...]
|
||||
# 示例:[["qq", "123456"], ["telegram", "user789"]]
|
||||
whitelist = [] # 用户白名单,这些用户的消息将跳过检测
|
||||
|
||||
# LLM检测配置
|
||||
llm_detection_enabled = true # 是否启用LLM二次分析
|
||||
llm_detection_threshold = 0.7 # LLM判定危险的置信度阈值(0-1)
|
||||
|
||||
# 性能配置
|
||||
cache_enabled = true # 是否启用检测结果缓存
|
||||
cache_ttl = 3600 # 缓存有效期(秒)
|
||||
max_message_length = 150 # 最大检测消息长度,超过将直接判定为危险
|
||||
|
||||
# 统计配置
|
||||
stats_enabled = true # 是否启用统计功能
|
||||
|
||||
# 自动封禁配置
|
||||
auto_ban_enabled = false # 是否启用自动封禁功能
|
||||
auto_ban_violation_threshold = 3 # 触发封禁的违规次数阈值
|
||||
auto_ban_duration_hours = 2 # 封禁持续时间(小时)
|
||||
|
||||
# 消息加盾配置(宽松模式下使用)
|
||||
shield_prefix = "🛡️ " # 加盾消息前缀
|
||||
shield_suffix = " 🛡️" # 加盾消息后缀
|
||||
|
||||
[normal_chat] #普通聊天
|
||||
willing_mode = "classical" # 回复意愿模式 —— 经典模式:classical,mxp模式:mxp,自定义模式:custom(需要你自己实现)
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
[inner]
|
||||
version = "1.2.4"
|
||||
version = "1.2.5"
|
||||
|
||||
# 配置文件版本号迭代规则同bot_config.toml
|
||||
|
||||
@@ -113,6 +113,12 @@ api_provider = "SiliconFlow"
|
||||
price_in = 0
|
||||
price_out = 0
|
||||
|
||||
[[models]]
|
||||
model_identifier = "moonshotai/Kimi-K2-Instruct"
|
||||
name = "moonshotai-Kimi-K2-Instruct"
|
||||
api_provider = "SiliconFlow"
|
||||
price_in = 4.0
|
||||
price_out = 16.0
|
||||
|
||||
[model_task_config.utils] # 在麦麦的一些组件中使用的模型,例如表情包模块,取名模块,关系模块,是麦麦必须的模型
|
||||
model_list = ["siliconflow-deepseek-v3"] # 使用的模型列表,每个子项对应上面的模型名称(name)
|
||||
@@ -177,6 +183,11 @@ model_list = ["deepseek-v3"]
|
||||
temperature = 0.7
|
||||
max_tokens = 1000
|
||||
|
||||
[model_task_config.anti_injection] # 反注入检测专用模型
|
||||
model_list = ["moonshotai-Kimi-K2-Instruct"] # 使用快速的小模型进行检测
|
||||
temperature = 0.1 # 低温度确保检测结果稳定
|
||||
max_tokens = 200 # 检测结果不需要太长的输出
|
||||
|
||||
#嵌入模型
|
||||
[model_task_config.embedding]
|
||||
model_list = ["bge-m3"]
|
||||
|
||||
Reference in New Issue
Block a user