AutoGPT is the vision of accessible AI for everyone, to use and to build on. Our mission is to provide the tools, so that you can focus on what matters.
fix(backend): address PR reviewer feedback on sensitive field filtering
- Expand SENSITIVE_FIELD_NAMES with private_key, client_secret, secret_key,
passphrase, webhook_secret, bearer_token
- Switch from exact-match to substring matching for sensitive field names
(e.g. 'my_api_key' is now correctly filtered)
- Add recursive scanning of nested dicts to prevent secret leakage through
benign top-level keys (e.g. {"config": {"api_key": "..."}})
- Extract duplicated defaults-collection logic into shared
filter_sensitive_fields() helper (DRY fix)
- Replace magic number 64 with MAX_TOOL_NAME_LENGTH constant
- Add tests for substring matching, nested filtering, expanded field names,
and non-dict input_default edge case Z
Zamil Majdy committed
f79639099435556d2907ae7b6ca4ebed6bea83a0
Parent: ec9e45d