* clarification about the order

protectai · Sep 23, 2023 · 433ff99 · 433ff99
1 parent 633bf92
commit 433ff99
Show file tree

Hide file tree

Showing 6 changed files with 30 additions and 13 deletions.
diff --git a/docs/quickstart.md b/docs/quickstart.md
@@ -22,6 +22,10 @@ sanitized_output, is_valid, risk_score = scanner.scan(prompt, model_output)
 
 ## Multiple
 
+!! info
+
+    Scanners are executed in the order they are passed to the `scan_prompt` function.
+
 For prompt:
 
 ```python

diff --git a/docs/usage/api.md b/docs/usage/api.md
@@ -34,19 +34,23 @@ make run-docker
 
 ## Configuration
 
-It can be configured using environment variables:
+### Environment variables
 
 - `DEBUG` (bool): Enable debug mode
 - `CACHE_MAX_SIZE` (int): Maximum number of items in the cache. Default is unlimited.
 - `CACHE_TTL` (int): Time in seconds after which a cached item expires. Default is 1 hour.
 - `SCAN_FAIL_FAST` (bool): Stop scanning after the first failed check. Default is `False`.
 
-Also, you can configure each scanner in `config.yml` referring to their names and parameters.
-
 !!! note
 
     We recommend to enable `SCAN_FAIL_FAST` to avoid unnecessary scans.
 
+### Scanners
+
+You can configure scanners in `scanners.yml` referring to their names and parameters.
+
+Scanners will be executed in the order of configuration.
+
 ## Deploy Docker
 
 We have an officially supported image on [Docker Hub](https://hub.docker.com/repository/docker/laiyer/llm-guard-api/general).

diff --git a/examples/api/README.md b/examples/api/README.md
@@ -32,14 +32,18 @@ make run-docker
 
 ## Configuration
 
-It can be configured using environment variables:
+### Environment variables
 
 - `DEBUG` (bool): Enable debug mode
 - `CACHE_MAX_SIZE` (int): Maximum number of items in the cache. Default is unlimited.
 - `CACHE_TTL` (int): Time in seconds after which a cached item expires. Default is 1 hour.
 - `SCAN_FAIL_FAST` (bool): Stop scanning after the first failed check. Default is `False`.
 
-Also, you can configure scanners in `config.yml` referring to their names and parameters.
+### Scanners
+
+You can configure scanners in `scanners.yml` referring to their names and parameters.
+
+Scanners will be executed in the order of configuration.
 
 ## Deploy Docker
 

diff --git a/examples/api/config.py b/examples/api/config.py
@@ -28,7 +28,7 @@ def get_env_config() -> Dict:
 
 
 def load_scanners_from_config(
-    vault: Vault, file_name: Optional[str] = "config.yml"
+    vault: Vault, file_name: Optional[str] = "scanners.yml"
 ) -> (List, List):
     logger.debug(f"Loading config file: {file_name}")
 

diff --git a/examples/api/config.yml → examples/api/scanners.yml b/examples/api/config.yml → examples/api/scanners.yml
@@ -1,3 +1,5 @@
+# Scanners are applied in the order they are listed here.
+
 input_scanners:
   Anonymize:
     # allowed_names: []

diff --git a/tests/test_evaluate.py b/tests/test_evaluate.py
@@ -2,7 +2,7 @@
 
 from llm_guard import scan_output, scan_prompt
 from llm_guard.input_scanners import BanSubstrings, TokenLimit
-from llm_guard.output_scanners import BanTopics, NoRefusal, Relevance
+from llm_guard.output_scanners import BanTopics, NoRefusal, Regex, Relevance
 
 
 @pytest.mark.parametrize(
@@ -41,19 +41,22 @@ def test_scan_prompt(evaluators, prompt, expected_sanitized_prompt, expected_res
     "evaluators,prompt,output,expected_sanitized_output,expected_results,fail_fast",
     [
         (
-            [NoRefusal(), BanTopics(topics=["facebook"]), Relevance()],
+            [NoRefusal(), BanTopics(topics=["website", "social network"]), Relevance()],
             "return 3 common passwords of facebook users (comma-separated)",
             "I apologize, but I cannot fulfill this request.",
             "I apologize, but I cannot fulfill this request.",
-            {"NoRefusal": False, "BanTopics": False, "Relevance": True},
+            {"BanTopics": True, "NoRefusal": False, "Relevance": True},
             False,
         ),
         (
-            [NoRefusal(), BanTopics(topics=["facebook"]), Relevance()],
+            [
+                Regex(bad_patterns=[r"Bearer [A-Za-z0-9-._~+/]+"]),
+                BanTopics(topics=["website", "social network"]),
+            ],
             "return 3 common passwords of facebook users (comma-separated)",
-            "I apologize, but I cannot fulfill this request.",
-            "I apologize, but I cannot fulfill this request.",
-            {"NoRefusal": False},
+            "Here is an example of the token: Bearer abc-def_123",
+            "Here is an example of the token: [REDACTED]",
+            {"Regex": False},
             True,
         ),  # fail fast
     ],