o i 1@sdZddlmZddlZddlmZddlmZddlmZddlmZddlm Z dd l m Z dd l m Z dd lmZdd lmZdd lmZddlmmZddlmZddlmZddlmZddlmZddlmZddl m!Z!ddl"m#Z#e$e%ZdZ&dZ'dZ(e&e'e(gZ)GdddeZ*GdddeZ+GdddeddZ,Gd d!d!eddZ-Gd"d#d#eddZ.Gd$d%d%eZ/Gd&d'd'eddZ0Gd(d)d)eddZ1Gd*d+d+e2Z3Gd,d-d-e2Z4Gd.d/d/Z5 d4d0ee6d1e5fd2d3Z7dS)5z@AI Guard client for security evaluation of agentic AI workflows.)deepcopyN)Any)Literal)Optional) TypedDict)Union)config)AI_GUARD)_aiguard_manual_keep)core) telemetry)ai_guard_config)TELEMETRY_NAMESPACE) MetricTagType)Response)get_connection)tracer) __version__ALLOWDENYABORTc@seZdZUeed<eed<dS)Functionname argumentsN__name__ __module__ __qualname__str__annotations__r r W/home/ubuntu/.local/lib/python3.10/site-packages/ddtrace/appsec/ai_guard/_api_client.pyr"  rc@seZdZUeed<eed<dS)ToolCallidfunctionN)rrrrrrr r r r!r#'r"r#c@eZdZUeed<dS)ImageURLurlNrr r r r!r', r'F)totalc@s.eZdZUeed<eeed<eeed<dS) ContentParttypetext image_urlN)rrrrrrr'r r r r!r+0s  r+c@s>eZdZUeed<eeeefed<eed<eeed<dS)Messagerolecontent tool_call_id tool_callsN) rrrrrrlistr+r#r r r r!r/6s r/c@s.eZdZUeded<eed<eeed<dS) Evaluation)rrractionreasontagsN)rrrrrrr4r r r r!r5=s r5c@r&)OptionsblockN)rrrboolrr r r r!r9Cr)r9c@s.eZdZUeed<eed<eed<eed<dS)ErrorstatustitlecodedetailNrr r r r!r<Gs  r<c s<eZdZdZd deededeeeffdd Z Z S) AIGuardClientErrorz%Exception for AI Guard client errors.rNmessager=errorscs ||_|pg|_t|dSN)r=rCsuper__init__)selfrBr=rC __class__r r!rFQs zAIGuardClientError.__init__)rN) rrr__doc__rrintr4r<rF __classcell__r r rHr!rANs0rAc s8eZdZdZddededeeeffdd ZZS) AIGuardAbortErrorz.truncate_messagecsg|]}|qSr r ).0rB)rlr r! sz;AIGuardClient._messages_for_meta_struct..))r,r1) r _ai_guard_max_messages_lengthrfr r]r^rr_r TRUNCATED_METRIC_ai_guard_max_content_sizer/)rbmax_messages_lengthresultr )rjrkrlr!_messages_for_meta_struct|s   z'AIGuardClient._messages_for_meta_structrBcC|d}t|o t|dkS)Nr3rrdr;rf)rBr3r r r!_has_tool_calls zAIGuardClient._has_tool_callscCru)Nr2rrv)rBr2r r r!_has_tool_call_idrxzAIGuardClient._has_tool_call_idcCst|r|dg}dd|D}ddd|DSt|rZ|d}|s*dSt|D]+}|dg}|D] }d|vrX|d|krXd |vrXd |d vrX|d d Sq8q.dS) Nr3cSs,g|]}d|vrd|dvr|ddqS)r%rr )rm tool_callr r r!rns  z0AIGuardClient._get_tool_name..,css|]}|r|VqdSrDr )rmrr r r! sz/AIGuardClient._get_tool_name..r2r$r%r)rNrwrdjoinryreversed)rBrbr3names target_idmsgrzr r r!_get_tool_names*         zAIGuardClient._get_tool_nameoptionsremote_enabledcCs|r|sdS|ddS)NFr:)rd)rrr r r!_is_blocking_enableds z"AIGuardClient._is_blocking_enabledc Cs|rt|dkr tdttja}z@dd||jdii}|d}|||}|r;|tj d|tj |n|tj dd | |i}| tj |z||jd |}|p`i} Wntyw} z td | d | d } ~ ww|jdkrz$| dd} | d} | dd } | dg}| dg}| dd}Wn"ty} ztj| ddd d}td||jd| d } ~ ww| tvrtd| dt|jd|tj| |r|d|i| r|tj| |r|d|intd|j|jd | vr | d d!d d!|||o| tk}|d| fd"|r%d#nd$fd%ft}|r6t ||rG|tj!d#t"| | |d&t#| | |d&WWd St"y^tys|d't$j%d(|d)d*w1sxwYd S)+aEvaluate if the list of messages are safe to execute. Args: messages: list of messages to evaluate options: Optional configuration with 'block' parameter (defaults to False) Returns: EvaluationResult containing action and reason Raises: AIGuardAbortError: If execution should be aborted and block is set to true AIGuardClientError: If evaluation request fails rzMessages must not be emptydata attributes)rbmetatoolpromptrbz /evaluatez+Unexpected error calling AI Guard service: )rBNr6r7r8 sds_findingsis_blocking_enabledF)indentiz6AI Guard service returned unexpected response format: )rBr=z0AI Guard service returned unrecognized action: 'z '. Expected )r=attack_categoriessdsz&AI Guard service call failed, status: rC)rBr=rCr:truefalse)errorr)r6r7r8))rrz+AI Guard evaluation failed for messages: %sT)exc_info)&rf ValueErrorrtracer RESOURCE_TYPErXrset_tag TARGET_TAG TOOL_NAME_TAGrt_set_struct_tagSTRUCT_execute_requestrVget_json ExceptionrAr=rdjsondumpsACTIONS ACTION_TAGupdate REASON_TAGrrrar get_root_spanr BLOCKED_TAGrMr5loggerdebug)rGrbrspanpayloadlast tool_name meta_structresponserserr6r7r8rblocking_enabledvalue should_block root_spanr r r!evaluates       H zAIGuardClient.evaluater(rcCsXz&t||j}tj|ddtd}|d|||j|}t |W| S| w)NT) ensure_asciiskipkeysdefaultPOST) rrZrrrrequestrW getresponserfrom_http_responseclose)rGr(rconn json_bodyrespr r r!r1s  zAIGuardClient._execute_requestrD)rrrrJrrF staticmethodrrar4r/rtr;rwryrrr9rr5rrrrr r r r!rNas"%  arNrOr[cCsdtj}tj}|r |std|stj}|s,tjddkr#dtjntj}d|d}t|||S)NzFAuthentication credentials required: provide DD_API_KEY and DD_APP_KEY.r\zapp.zhttps://z/api/v2/ai-guard) r _dd_api_key _dd_app_keyrr _ai_guard_endpoint_dd_sitecountrN)rOrPrQsiter r r!new_ai_guard_client<s"  rrD)8rJcopyrrtypingrrrrrddtracerddtrace.appsec._constantsr ddtrace.appsec._trace_utilsr ddtrace.internalr r ddtrace.internal.loggerinternalrddloggerddtrace.internal.settings.asmr ddtrace.internal.telemetryr-ddtrace.internal.telemetry.metrics_namespacesrddtrace.internal.utils.httprr ddtrace.tracerddtrace.versionr get_loggerrrrrrrr#r'r+r/r5r9r<rrArMrNrrr r r r!sX                      ]