fix lint & cleanup

Signed-off-by: Lucas <lyoon@redhat.com>

Author: JslYoon

src/app/endpoints/query.py

@@ -2,7 +2,6 @@
 
 """Handler for REST API call to provide answer to query using Response API."""
 
-import logging
 import datetime
 from typing import Annotated, Any, Optional, cast
 
@@ -196,7 +195,11 @@ async def query_endpoint_handler(
 
     # Retrieve response using Responses API
     turn_summary = await retrieve_response(
-        client, responses_params, query_request.shield_ids, vector_store_ids, rag_id_mapping
+        client,
+        responses_params,
+        query_request.shield_ids,
+        vector_store_ids,
+        rag_id_mapping,
     )
 
     if pre_rag_chunks:

src/models/requests.py

@@ -171,7 +171,7 @@ class QueryRequest(BaseModel):
         None,
         description="Optional list of safety shield IDs to apply. "
         "If None, all configured shields are used. "
-        "If empty list, all shields are skipped.",
+        "If provided, must contain at least one valid shield ID (empty list raises 422 error).",
         examples=["llama-guard", "custom-shield"],
     )
 

src/utils/shields.py

@@ -1,6 +1,5 @@
 """Utility functions for working with Llama Stack shields."""
 
-import logging
 from typing import Any, Optional, cast
 
 from fastapi import HTTPException
@@ -128,8 +127,11 @@ async def run_shield_moderation(
     # Filter shields based on shield_ids parameter
     if shield_ids is not None:
         if len(shield_ids) == 0:
-            logger.info("shield_ids=[] provided, skipping all shields")
-            return ShieldModerationResult(blocked=False)
+            response = UnprocessableEntityResponse(
+                response="Invalid shield configuration",
+                cause="shield_ids provided but no shields selected. Remove the parameter to use default shields.",
+            )
+            raise HTTPException(**response.model_dump())
 
         shields_to_run = [s for s in all_shields if s.identifier in shield_ids]
 

tests/unit/utils/test_shields.py

@@ -307,19 +307,22 @@ async def test_returns_blocked_on_bad_request_error(
         mock_metric.inc.assert_called_once()
 
     @pytest.mark.asyncio
-    async def test_shield_ids_empty_list_skips_all_shields(
+    async def test_shield_ids_empty_list_raises_422(
         self, mocker: MockerFixture
     ) -> None:
-        """Test that shield_ids=[] explicitly skips all shields (intentional bypass)."""
+        """Test that shield_ids=[] raises HTTPException 422 (prevents bypass)."""
         mock_client = mocker.Mock()
         shield = mocker.Mock()
         shield.identifier = "shield-1"
         mock_client.shields.list = mocker.AsyncMock(return_value=[shield])
 
-        result = await run_shield_moderation(mock_client, "test input", shield_ids=[])
+        with pytest.raises(HTTPException) as exc_info:
+            await run_shield_moderation(mock_client, "test input", shield_ids=[])
 
-        assert result.blocked is False
-        mock_client.shields.list.assert_called_once()
+        assert exc_info.value.status_code == status.HTTP_422_UNPROCESSABLE_ENTITY
+        assert "shield_ids provided but no shields selected" in str(
+            exc_info.value.detail
+        )
 
     @pytest.mark.asyncio
     async def test_shield_ids_raises_exception_when_no_shields_found(