wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 4 Packages Projects Releases Wiki Activity

fix(api): redact report automation evidence response
All checks were successful
Code Review / ai-code-review (push) Successful in 12s
Details
CD Pipeline / tests (push) Successful in 1m27s
Details
CD Pipeline / build-and-deploy (push) Successful in 4m23s
Details
CD Pipeline / post-deploy-checks (push) Successful in 1m29s
Details

Browse Source
This commit is contained in:
Your Name
2026-06-13 11:15:08 +08:00
parent a6944683e2
commit 92781655f4
2 changed files with 51 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
apps/api/src/api/v1/agents.py
View File

@@ -926,7 +926,8 @@ async def get_agent_report_truth_actionability_review() -> dict[str, Any]:
async def get_agent_report_automation_review() -> dict[str, Any]:
"""Return the latest read-only AI Agent report automation review."""
try:
return await asyncio.to_thread(load_latest_ai_agent_report_automation_review)
payload = await asyncio.to_thread(load_latest_ai_agent_report_automation_review)
return redact_public_lan_topology(payload)
except FileNotFoundError as exc:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,

49
apps/api/tests/test_ai_agent_report_automation_review_api.py
View File

@@ -3,6 +3,45 @@ from fastapi.testclient import TestClient
from src.main import app
_PUBLIC_FORBIDDEN_TERMS = [
"工作視窗",
"對話內容",
"批准!繼續",
"In app browser",
"My request for Codex",
"browser_context",
"codex_user_message",
"prompt_text",
"raw payload",
"raw_payload",
"private reasoning",
"chain_of_thought",
"authorization header",
"secret value",
"raw tool output",
"raw Telegram payload",
"work window transcript",
"work_window_transcript",
"internal collaboration transcript",
]
def _collect_strings(value):
if isinstance(value, str):
return [value]
if isinstance(value, list):
strings = []
for item in value:
strings.extend(_collect_strings(item))
return strings
if isinstance(value, dict):
strings = []
for item in value.values():
strings.extend(_collect_strings(item))
return strings
return []
def test_get_ai_agent_report_automation_review_api():
client = TestClient(app)
response = client.get("/api/v1/agents/agent-report-automation-review")
@@ -26,3 +65,13 @@ def test_get_ai_agent_report_automation_review_api():
assert data["rollups"]["workload_unit_total"] == 91
assert data["rollups"]["current_auto_execution_enabled_count"] == 0
assert data["rollups"]["live_auto_optimization_count"] == 0
def test_get_ai_agent_report_automation_review_api_redacts_public_terms():
client = TestClient(app)
response = client.get("/api/v1/agents/agent-report-automation-review")
assert response.status_code == 200
all_text = "\n".join(_collect_strings(response.json()))
for term in _PUBLIC_FORBIDDEN_TERMS:
assert term not in all_text