membphis commented on PR #13570:
URL: https://github.com/apache/apisix/pull/13570#issuecomment-4764467697

   ### P1: Preserve Lakera message roles instead of flattening the conversation 
into one user message
   
   The plugin currently calls `proto.extract_request_content(request_tab)`, 
concatenates all extracted text, and `client.scan` sends the result as:
   
   ```lua
   messages = { { role = "user", content = content } }
   ```
   
   This loses the original role and turn boundaries. For OpenAI Chat, this can 
turn system, assistant, historical user, and current user content into one 
current `user` message. For Anthropic and Responses requests, the protocol 
adapters already have role-preserving canonical message helpers, so flattening 
here bypasses information the codebase can keep.
   
   Why this blocks merge: Lakera Guard's `/v2/guard` API is message-based, and 
role/context semantics matter for policy behavior. Sending the system prompt, 
assistant output, or older history as a new user message can block valid 
follow-up requests because old or non-user content is rescanned as the current 
user input. It can also make the gateway's enforcement differ from the API 
contract this plugin is integrating with.
   
   Suggested fix:
   
   - Pass a `messages` array to `client.scan`, not a flattened string.
   - Build it from the protocol-normalized message helper, preserving `system`, 
`user`, and `assistant` roles where available.
   - Only fall back to one `user` message when the protocol has no 
role-preserving representation.
   - Update the "whole conversation is scanned" test to verify the full message 
array is sent without converting history/system/assistant messages into the 
latest user input.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to