Scan tool output before it re-enters model context — scan_tool

scan_tool_output() checks text returned by tools before that text is shown to a user, stored, or appended back into model context.

Usage

scan_tool_output(
  tool_name,
  output,
  policy = "enterprise_default",
  reviewer = NULL,
  checks = "rules",
  redaction = NULL,
  scanners = scanner_options(),
  show_tokens = FALSE
)

Arguments

tool_name: Tool name requested by a model or orchestrator.
output: Tool output text or object coercible to text.
policy: A shieldr_policy or built-in policy name.
reviewer: Optional reviewer function or object with $chat().
checks: One of "rules", "nlp", "llm", or "both".
redaction: Optional redaction strategy from redaction_strategy().
scanners: Optional scanner configuration from scanner_options().
show_tokens: Whether to attach token counts when ellmer is available.

Value

A shieldr_report.

Details

Tool outputs are scanned with scan_output() because they are untrusted downstream content. The returned report stores stage = "tool_output" and tool_name in metadata.

Examples

scan_tool_output("search_docs", "Result includes neel@example.com")
#> llmshieldr report
#> action: redact
#> risk_score: 0.300
#> findings: 1