* Strip characters that could be used to break out of the block * or inject bogus tags the model might follow. We're not trying to be * watertight (the model's system prompt is the primary defence), but * blocking the obvious cases is cheap.
(value: string)
| 169 | * blocking the obvious cases is cheap. |
| 170 | */ |
| 171 | function sanitize(value: string): string { |
| 172 | return value.replace(/[<>]/g, '').replace(/\r?\n/g, ' ').slice(0, 200) |
| 173 | } |