fix: sanitize tool call text in sessions-helpers extractAssistantText

Adds sanitization to extractAssistantText in sessions-helpers.ts to
prevent tool call text from leaking to users. Previously, messages
retrieved from chat history via sessions-helpers.ts could expose:

- Minimax XML tool calls (<invoke>...</invoke>)
- Downgraded tool call markers ([Tool Call: name (ID: ...)])
- Thinking tags (<think>...</think>)

This fix:
- Exports the stripping functions from pi-embedded-utils.ts
- Adds a new sanitizeTextContent helper in sessions-helpers.ts
- Updates extractAssistantText to sanitize before returning
- Updates extractMessageText in commands-subagents.ts to sanitize

Fixes #1269

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
zerone0x
2026-01-23 01:03:54 +08:00
committed by Peter Steinberger
parent 6779ba2367
commit 03bec49299
3 changed files with 34 additions and 10 deletions

View File

@@ -7,6 +7,7 @@ import {
extractAssistantText,
resolveInternalSessionKey,
resolveMainSessionAlias,
sanitizeTextContent,
stripToolMessages,
} from "../../agents/tools/sessions-helpers.js";
import type { SubagentRunRecord } from "../../agents/subagent-registry.js";
@@ -110,7 +111,8 @@ function extractMessageText(message: ChatMessage): { role: string; text: string
const role = typeof message.role === "string" ? message.role : "";
const content = message.content;
if (typeof content === "string") {
const normalized = normalizeMessageText(content);
const sanitized = sanitizeTextContent(content);
const normalized = normalizeMessageText(sanitized);
return normalized ? { role, text: normalized } : null;
}
if (!Array.isArray(content)) return null;
@@ -119,8 +121,11 @@ function extractMessageText(message: ChatMessage): { role: string; text: string
if (!block || typeof block !== "object") continue;
if ((block as { type?: unknown }).type !== "text") continue;
const text = (block as { text?: unknown }).text;
if (typeof text === "string" && text.trim()) {
chunks.push(text);
if (typeof text === "string") {
const sanitized = sanitizeTextContent(text);
if (sanitized) {
chunks.push(sanitized);
}
}
}
const joined = normalizeMessageText(chunks.join(" "));