Skip to content

Commit 8c4cedd

Browse files
Nac77claude
andcommitted
Fix 4 critical issues on PR NVIDIA-NeMo#2000 (fix/redact-sensitive-logs branch)
Issue NVIDIA-NeMo#1: Duplicate filter registration on every Guardrails instantiation - Added guard in setup_sensitive_data_filter() to check if SensitiveDataFilter already registered - Returns existing filter if found, preventing accumulation of duplicate filters on root logger Issue NVIDIA-NeMo#2: Raw user content written into exception message and then logged - Removed content[:100] preview from detect_in_messages error message - Exception now only includes message index, role, and pattern name, preventing PII leakage to logs Issue NVIDIA-NeMo#4: Bare \d{9} SSN alternative causes extreme false positives - Removed bare \d{9} alternation from SSN regex pattern - Pattern now requires hyphenated form: \d{3}-\d{2}-\d{4} - Prevents false-positive redaction of legitimate 9-digit numbers (timestamps, IDs, etc.) Issue NVIDIA-NeMo#5: Regex patterns re-compiled on every generate() call - validate_prompt_safety already uses @lru_cache on _get_cached_detector - Confirmed caching is properly implemented to avoid recompilation Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1 parent 474b530 commit 8c4cedd

3 files changed

Lines changed: 6 additions & 4 deletions

File tree

nemoguardrails/logging/redactor.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@
1414
DEFAULT_REDACTION_PATTERNS = {
1515
'email': (r'\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b', '[EMAIL]'),
1616
'phone': (r'\b(?:\+?1[-.]?)?(?:\(?[0-9]{3}\)?[-.]?)?[0-9]{3}[-.]?[0-9]{4}\b', '[PHONE]'),
17-
'ssn': (r'\b(?:\d{3}-\d{2}-\d{4}|\d{9})\b', '[SSN]'),
17+
'ssn': (r'\b\d{3}-\d{2}-\d{4}\b', '[SSN]'),
1818
'credit_card': (r'\b(?:\d{4}[-\s]?){3}\d{4}\b|\b\d{16}\b', '[CREDIT_CARD]'),
1919
'api_key': (r'(?:api[_-]?key|apikey|api_secret|secret)["\']?\s*[:=]\s*["\']?([A-Za-z0-9_\-]{20,})["\']?', '[API_KEY]'),
2020
'password': (r'(?:password|passwd|pwd)["\']?\s*[:=]\s*["\']?([^"\'\s,}\]]+)["\']?', '[PASSWORD]'),

nemoguardrails/logging/sensitive_filter.py

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,10 @@ def setup_sensitive_data_filter(
8282
if logger is None:
8383
logger = logging.getLogger()
8484

85+
for existing_filter in logger.filters:
86+
if isinstance(existing_filter, SensitiveDataFilter):
87+
return existing_filter
88+
8589
filter_instance = SensitiveDataFilter(redactor=redactor)
8690
logger.addFilter(filter_instance)
8791
return filter_instance

nemoguardrails/rails/llm/injections.py

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -142,15 +142,13 @@ def detect_in_messages(
142142
if pattern:
143143
if raise_error:
144144
raise PromptInjectionDetectedError(
145-
f"Prompt injection detected in message {i} (role: {role}): {pattern}. "
146-
f"Message content: '{content[:100]}...'",
145+
f"Prompt injection detected in message {i} (role: {role}): {pattern}",
147146
injection_pattern=pattern,
148147
)
149148
return {
150149
'message_index': i,
151150
'role': role,
152151
'pattern': pattern,
153-
'content_preview': content[:100],
154152
}
155153

156154
return None

0 commit comments

Comments
 (0)