fix(llm): harden HAIP AI explanation grounding & transport#129
Merged
Conversation
- explainDecision now fails closed: an explanation whose rationale asserts a figure the decision's numbers don't support is suppressed (returns null) and never cached, instead of being returned flagged-but-visible. - numericPayload(): strip every free-form string from the decision before the prompt so ONLY numbers reach the model — prevents prompt injection via guest/review/email fields and makes "model sees only numbers" structural. - grounding heuristic: drop the unsafe arbitrary ÷100 path (a room count can no longer "support" an invented small percentage); parse sign, thousands separators, and scientific notation in significantNumbers. - LlmService: AbortController timeout (HAIP_AI_TIMEOUT_MS, default 10s) plus a Content-Length body cap; still fail-soft to null on any error. - Regression tests for each of the above. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Hardening pass on the HAIP AI explanation layer (
apps/api/src/modules/llm+agent.service.explainDecision).Changes
explanation: null) and never cached, instead of returned flagged-but-visible.numericPayload()strips every free-form string from the decision before it reaches the model, so guest/review/email text can't steer the explanation (prompt-injection). Makes "the model only sees numbers" structural, not just a comment.significantNumbersnow parses sign, thousands separators (1,200), and scientific notation (1e6).LlmServiceadds anAbortControllertimeout (HAIP_AI_TIMEOUT_MS, default 10s) and a Content-Length body cap. Still fail-soft tonullon any error.Verification
pnpm test(apps/api): 1015 passing, including new regression tests for each item above.pnpm typecheck: clean.🤖 Generated with Claude Code