fix: block leaked history summaries in replies

2026-03-11 18:33:17 +08:00
parent 2c003e9a7d
commit ebca1eaff6
4 changed files with 87 additions and 5 deletions
--- a/core/orchestrator.py
+++ b/core/orchestrator.py
@@ -51,6 +51,7 @@ _OUTBOUND_BLOCK_MARKERS = (
 )

 _TRANSFER_COMMAND_MARKER = "[转移会话]"
+_TRANSFER_COMMAND_RE = re.compile(r"^\s*正在为您转接\|\[转移会话\],[^,\r\n]+,[^\r\n]*\s*$")

 # 历史记录格式检测模式（AI 转述历史时容易泄露）
 _HISTORY_LEAK_PATTERNS = [
@@ -213,8 +214,11 @@ class SystemOrchestrator:
        if not text:
            return ""
        cleaned = str(text).strip()
-        if "[转移会话]" in cleaned:
+        if _TRANSFER_COMMAND_RE.fullmatch(cleaned):
            return cleaned
+        if _TRANSFER_COMMAND_MARKER in cleaned:
+            logger.warning("[Orchestrator] 检测到混入正文的转接指令，替换为安全兜底回复")
+            return "我在帮你看记录，稍等哈"
        if any(marker in cleaned for marker in _OUTBOUND_BLOCK_MARKERS):
            logger.warning("[Orchestrator] 拦截到内部内容外发，替换为安全兜底回复")
            return "我在帮你看记录，稍等哈"
@@ -225,6 +229,33 @@ class SystemOrchestrator:
                return "我在帮你看记录，稍等哈"
        return cleaned

+    @staticmethod
+    def _sanitize_history_content_for_ai(text: str) -> str:
+        cleaned = str(text or "").strip()
+        if not cleaned:
+            return ""
+        if _TRANSFER_COMMAND_RE.fullmatch(cleaned):
+            return "系统：之前已转接设计师"
+        if "【历史记录摘要】" in cleaned or "【详细记录】" in cleaned:
+            return "系统：刚刚查过历史记录"
+        if "【订单摘要】" in cleaned or "【订单详情】" in cleaned:
+            return "系统：刚刚查过订单记录"
+        if _TRANSFER_COMMAND_MARKER in cleaned:
+            cleaned = re.sub(
+                r"正在为您转接\|\[转移会话\],[^,\r\n]+,[^\r\n]*",
+                "系统：之前已转接设计师",
+                cleaned,
+            )
+        return cleaned
+
+    def _sanitize_history_for_ai(self, history: List[dict]) -> List[dict]:
+        sanitized = []
+        for item in history or []:
+            normalized = dict(item)
+            normalized["content"] = self._sanitize_history_content_for_ai(item.get("content", ""))
+            sanitized.append(normalized)
+        return sanitized
+
    @staticmethod
    def _extract_designer_name(transfer_cmd: str) -> str:
        text = str(transfer_cmd or "").strip()
@@ -559,6 +590,7 @@ class SystemOrchestrator:
                history_elapsed = time.time() - history_start
                logger.info(f"[计时] user={user_id} 查询历史: {history_elapsed:.2f}s (共{len(history)}条)")
                ai_history = history[:-1] if history and history[-1].get("content") == db_content else history
+                ai_history = self._sanitize_history_for_ai(ai_history)

                # C. 短时间追问且疑似没真正接上人工：优先补发一次转接
                std_res = await self._retry_stalled_transfer_if_needed(