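/**
 * Denylist of content that must never be written to persistent storage:
 * prompt-injection phrasing and strings shaped like credentials.
 *
 * This is a best-effort filter. A miss does not mean the content is safe, so
 * it should not be the only control between untrusted text and persisted data.
 * None of the patterns carry the `g`/`y` flag, so `test()` keeps no `lastIndex`
 * state between calls.
 */
const FORBIDDEN_PERSISTENCE_PATTERNS = [
  // Prompt-injection phrasing.
  /ignore\s+(all|previous|prior|above)\s+instructions/i,
  /system\s+prompt/i,
  /do\s+not\s+tell\s+the\s+user/i,
  // curl command lines that mention a credential word on the same line.
  // NOTE: `.*` backtracks from every "curl" occurrence, so cost grows with
  // line length; callers should bound the input size.
  /curl\s+.*(token|secret|password|api)/i,
  // HTTP credential headers. The bare `bearer` pattern also covers the
  // `authorization:` form; both are kept as written.
  /authorization\s*:\s*bearer\s+[a-z0-9._-]{16,}/i,
  /bearer\s+[a-z0-9._-]{16,}/i,
  /x-[a-z0-9-]*(?:api-key|token)\s*:\s*[^\s]{8,}/i,
  // `name: value` / `name=value` assignments of secret-looking names. These
  // are unanchored, so any identifier ending in one of the names matches too.
  /(api[_-]?key|access[_-]?token|refresh[_-]?token|secret|password)\s*[:=]/i,
  /(?:session[_-]?token|id[_-]?token|client[_-]?secret)\s*[:=]/i,
  // PEM private-key header.
  /-----BEGIN [A-Z ]*PRIVATE KEY-----/,
  // OpenSSH key lines for the rsa and ed25519 types only; other key types
  // (for example ecdsa-sha2-*) are not matched by this pattern.
  /ssh-(?:rsa|ed25519)\s+[a-z0-9+/]+={0,3}/i,
  // "sk-"-prefixed tokens of 16 or more alphanumerics.
  /sk-[a-z0-9]{16,}/i,
  // Three dot-separated base64url segments starting with "eyJ" (JWT-shaped).
  /eyJ[a-zA-Z0-9_-]{8,}\.[a-zA-Z0-9._-]{8,}\.[a-zA-Z0-9._-]{8,}/,
];

/** Suffix appended when a line or document is cut to fit `maxLength`. */
const ELLIPSIS = "...";

/**
 * Soft hyphen, zero-width and bidi-control code points. They render as nothing
 * but split a keyword so that the ASCII patterns above no longer match it.
 */
const INVISIBLE_CHARACTERS = /[\u00AD\u200B-\u200F\u202A-\u202E\u2060-\u2064\uFEFF]/g;

/**
 * Builds the copy of `content` used only for pattern matching: NFKC folds
 * compatibility forms (full-width letters, ligatures) to their plain
 * equivalents, then invisible characters are removed.
 */
const canonicalizeForMatching = (content: string): string =>
  content.normalize("NFKC").replace(INVISIBLE_CHARACTERS, "");

/** Removes a trailing high surrogate left behind when a cut splits a pair. */
const dropDanglingHighSurrogate = (text: string): string => {
  const last = text.charCodeAt(text.length - 1);
  return last >= 0xd800 && last <= 0xdbff ? text.slice(0, -1) : text;
};

/**
 * Cuts `text` so the result never exceeds `maxLength` UTF-16 code units.
 * With room for the ellipsis the result is `head...`; with `maxLength` below
 * the ellipsis length it is a hard cut, and a non-positive limit yields "".
 */
const truncateWithEllipsis = (text: string, maxLength: number): string => {
  // Written as a negated `>` so a NaN limit leaves the text untouched, as the
  // original comparison did.
  if (!(text.length > maxLength)) {
    return text;
  }
  if (maxLength < ELLIPSIS.length) {
    // A negative end index would make slice() count from the end of the string
    // and return more than maxLength characters, so clamp to zero.
    return dropDanglingHighSurrogate(text.slice(0, Math.max(0, maxLength)));
  }
  const head = dropDanglingHighSurrogate(text.slice(0, maxLength - ELLIPSIS.length));
  return `${head.trimEnd()}${ELLIPSIS}`;
};

/**
 * Reports whether `content` matches any forbidden pattern.
 *
 * The patterns are tried against the text as given and against a canonical
 * copy (NFKC-normalised, invisible characters stripped), so a keyword hidden
 * behind zero-width or full-width characters is still caught.
 *
 * @param content Text about to be persisted.
 * @returns `true` when at least one pattern matches either form.
 */
export const containsForbiddenPersistentContent = (content: string): boolean => {
  const canonical = canonicalizeForMatching(content);
  const candidates = canonical === content ? [content] : [content, canonical];
  return candidates.some((candidate) =>
    FORBIDDEN_PERSISTENCE_PATTERNS.some((pattern) => pattern.test(candidate)),
  );
};

/**
 * Collapses `content` to one whitespace-normalised line that is safe to persist.
 *
 * @param content Untrusted text.
 * @param maxLength Upper bound on the returned length.
 * @returns The cleaned line, or "" when it is empty or matches a forbidden pattern.
 */
export const sanitizePersistentLine = (content: string, maxLength: number) => {
  const normalized = content.replace(/\s+/g, " ").trim();
  if (!normalized) {
    return "";
  }
  // Check the full text before truncating: a cut could shorten a secret until
  // it no longer matches while still persisting part of it.
  if (containsForbiddenPersistentContent(normalized)) {
    return "";
  }
  return truncateWithEllipsis(normalized, maxLength);
};

/**
 * Normalises a multi-line document for persistence: CRLF becomes LF, trailing
 * whitespace is removed per line, and runs of three or more newlines collapse
 * to a single blank line.
 *
 * @param content Untrusted text.
 * @param maxLength Upper bound on the returned length.
 * @returns The cleaned document, or "" when it is empty or matches a forbidden pattern.
 */
export const sanitizePersistentDocument = (content: string, maxLength: number) => {
  const normalized = content
    .replace(/\r\n/g, "\n")
    .split("\n")
    .map((line) => line.trimEnd())
    .join("\n")
    .replace(/\n{3,}/g, "\n\n")
    .trim();
  if (!normalized) {
    return "";
  }
  // Same ordering as for single lines: match first, truncate afterwards.
  if (containsForbiddenPersistentContent(normalized)) {
    return "";
  }
  return truncateWithEllipsis(normalized, maxLength);
};

/**
 * Normalises a script for persistence: CRLF becomes LF and each tab becomes a
 * single space. Scripts are never truncated, since a cut script would be a
 * different program; an oversized one is rejected outright.
 *
 * @param content Untrusted script text.
 * @param maxLength Upper bound on the normalised script, checked before the
 *   trailing newline is appended, so the result may be `maxLength + 1` long.
 * @returns The script with one trailing newline, or "" when it is empty, too
 *   long, or matches a forbidden pattern.
 */
export const sanitizePersistentScript = (content: string, maxLength: number) => {
  const normalized = content.replace(/\r\n/g, "\n").replace(/\t/g, " ").trim();
  if (!normalized) {
    return "";
  }
  // Both rejections return "", so test the length first and keep oversized
  // input away from the regex scan.
  if (normalized.length > maxLength) {
    return "";
  }
  if (containsForbiddenPersistentContent(normalized)) {
    return "";
  }
  return `${normalized}\n`;
};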