prompt_renderer

Jinja2-based system prompt renderer with SSTI hardening.

Loads a .j2 template file once at startup and renders it on each call with room-specific and tool-specific context variables. Uses a SandboxedEnvironment and recursively sanitises user-controllable values to prevent server-side template injection.

prompt_renderer.sanitize_context(value)[source]

Recursively strip Jinja2 metacharacters from user-controllable strings.

Replaces {{, }}, {%, %}, {#, #} with Unicode full-width lookalikes so they cannot be interpreted as template syntax if an | tojson filter is ever omitted.

Non-string leaves (ints, floats, bools, None) pass through unchanged. Dicts and lists are walked recursively.

Return type:

Any

Parameters:

value (Any)

class prompt_renderer.PromptRenderer(template_path, default_extras=None)[source]

Bases: object

Render a Jinja2 system-prompt template with per-request context.

Uses SandboxedEnvironment to prevent template injection even if a caller accidentally passes unsanitised user data.

Parameters:

  • template_path (str | Path) – Path to the .j2 template file (e.g. "system_prompt.j2").

  • default_extras (dict[str, Any] | None) – Optional dict of variables injected into every render call (e.g. the list of registered tools). Per-call context takes precedence over these defaults.

__init__(template_path, default_extras=None)[source]

Initialize the instance.

Parameters:

  • template_path (str | Path) – The template path value.

  • default_extras (dict[str, Any] | None) – The default extras value.

Return type:

None

render(context=None)[source]

Render the template with the supplied context.

All values in context are recursively sanitised to strip Jinja2 metacharacters before rendering.

The following keys are automatically injected if not already present:

  • current_date – today’s date in YYYY-MM-DD format (UTC).

Keys from default_extras (set at init or later) are included but can be overridden by context.

Return type:

str

Parameters:

context (dict[str, Any] | None)