classifiers.update_dangerous_command_embeddings module
Compute dangerous-command centroid embeddings and store in Redis + RediSearch.
Loads dangerous_command_index.json (destructive ops + malware-execution
risk paraphrases), embeds example strings per category
via compute_tool_centroids_bulk (same as tool embeddings), writes one
dangerous_cmd_emb:{category_id} HASH per category, and removes orphaned
keys no longer present in the JSON.
Run python init_redis_indexes.py (or bot startup ensure_indexes) once
so idx:dangerous_cmds exists before first use.
When the message pipeline defers embedding (unaddressed messages with batch
queue), query_embedding is absent and the guard does not run — same as no
suffix.
Usage:
python -m classifiers.update_dangerous_command_embeddings [--force-all]
- Environment:
REDIS_URL, OPENROUTER_API_KEY / config.yaml api_key (for embeddings)
- classifiers.update_dangerous_command_embeddings.load_index()[source]
Load and parse the dangerous-command example corpus from disk.
Reads the JSON file at module-level
INDEX_PATH(dangerous_command_index.json, the curated corpus of destructive ops and malware-execution-risk paraphrases) and returns its parsed contents. The caller expects a top-levelcategoriesmapping of category id to a blob withlabelandexamples. This is a filesystem read only; it does not touch Redis or the network.Called by
update_dangerous_command_embeddings()in this module; no other callers were found.- Returns:
The parsed corpus, typically containing
categoriesandversionkeys.- Return type:
- Raises:
FileNotFoundError – If
INDEX_PATHdoes not exist.ValueError – If the file does not contain valid JSON.
- async classifiers.update_dangerous_command_embeddings.update_dangerous_command_embeddings(*, force_all=False)[source]
Recompute every dangerous-command centroid and sync it to Redis.
The core routine of this module. It loads the corpus via
load_index(), normalizes each category’s example strings withclassifiers.tool_embedding_batch.normalize_synthetic_queries(), and computes one mean centroid vector per category throughclassifiers.tool_embedding_batch.compute_tool_centroids_bulk()using anOpenRouterEmbeddingsclient. Each centroid plus metadata (label, query count, corpus version) is written to adangerous_cmd_emb:{category_id}HASH viaclassifiers.redis_vector_index.store_dangerous_cmd_embedding_hash(), and category ids present in Redis but no longer in the JSON are pruned viaclassifiers.redis_vector_index.delete_dangerous_cmd_embedding_hash(). These vectors are what the runtime guard scores an incoming query embedding against to flag destructive or malware-execution intent.Opens (from
config.Config/REDIS_URL) and always closes its own async Redis connection, callsgemini_embed_pool.init_quota_tracking(), reads the JSON corpus, and makes OpenRouter embedding HTTP calls. Called only bymain()here (thepython -m classifiers.update_dangerous_command_embeddingsentry point); no other callers were found.- Parameters:
force_all (
bool) – Accepted for symmetry with the sibling refresh scripts. It is effectively a no-op because every run already rewrites all categories from the JSON; only an informational log line is emitted.- Returns:
Trueif at least one centroid was stored or one orphan removed,Falseon a hard failure (no categories, missing API key, or no usable examples).- Return type:
- async classifiers.update_dangerous_command_embeddings.main()[source]
Parse CLI flags and run the dangerous-command embedding refresh.
Builds an
argparse.ArgumentParserexposing the single--force-allflag, then awaitsupdate_dangerous_command_embeddings()with the parsed value. The coroutine handles its own Redis connection (onedangerous_cmd_emb:{category_id}HASH per category plus theidx:dangerous_cmdsRediSearch index) and OpenRouter embedding calls; on completion this wrapper translates the boolean result into a process exit code viasys.exit(0when at least one category was stored or an orphan removed,1otherwise).This is the module entry point invoked under
if __name__ == "__main__"throughasyncio.run(main())(e.g.python -m classifiers.update_dangerous_command_embeddings); no other internal callers were found.- Raises:
SystemExit – Always, carrying the success/failure exit code.
- Return type: