filter

package

v0.0.0-...-78728ec Latest Latest Go to latest Published: Jun 16, 2026 License: AGPL-3.0 Imports: 5 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/0xmhha/code-knowledge-vector

Links

Open Source Insights

Documentation ¶

Overview ¶

Package filter implements the Sensitive Filter engine. It scans text for secrets, credentials, and sensitive patterns before data leaves the MCP server. Three-tier decision: CLEAN (pass), REDACTED (mask sensitive parts), BLOCKED (reject entirely).

Pattern definitions come from a JSON config file (patterns.json). The filter is applied as the last step in every MCP tool that returns code or text content.

Index ¶

type Config
- func LoadConfig(path string) (Config, error)
type Filter
- func New(cfg Config) *Filter
- func PassThrough() *Filter
- func (f *Filter) Scan(text string) Result
type Match
type Pattern
type Result
type Status

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	Version  string    `json:"version"`
	Patterns []Pattern `json:"patterns"`
}

Config is the patterns.json structure.

func LoadConfig ¶

func LoadConfig(path string) (Config, error)

LoadConfig reads a patterns.json file and returns the parsed config.

type Filter ¶

type Filter struct {
	// contains filtered or unexported fields
}

Filter scans text against a set of patterns.

func New ¶

func New(cfg Config) *Filter

New creates a filter from the given config. Patterns with invalid regex are silently skipped.

func PassThrough ¶

func PassThrough() *Filter

PassThrough returns a no-op filter that passes all text unchanged. Used when no patterns.json is configured.

func (*Filter) Scan ¶

func (f *Filter) Scan(text string) Result

Scan checks text against all patterns and returns the filter result.

type Match ¶

type Match struct {
	PatternID string `json:"pattern_id"`
	Name      string `json:"name"`
	Severity  string `json:"severity"`
	Action    string `json:"action"`
}

Match records one pattern hit.

type Pattern ¶

type Pattern struct {
	ID          string `json:"id"`
	Name        string `json:"name"`
	Regex       string `json:"regex"`
	Severity    string `json:"severity"`
	Action      string `json:"action"`
	Description string `json:"description,omitempty"`
	// contains filtered or unexported fields
}

Pattern is one entry in the pattern config.

type Result ¶

type Result struct {
	Status        Status  `json:"status"`
	FilteredText  string  `json:"filtered_text"`
	RedactedCount int     `json:"redacted_count"`
	BlockedBy     string  `json:"blocked_by,omitempty"`
	Matches       []Match `json:"matches,omitempty"`
}

Result is the outcome of filtering a text.

type Status ¶

type Status string

Status is the filter decision.

const (
	StatusClean    Status = "CLEAN"
	StatusRedacted Status = "REDACTED"
	StatusBlocked  Status = "BLOCKED"
)

Source Files ¶

View all Source files

filter.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL