Summary
OutputScanner exists as a standalone class (security/output_scanner.py) for post-tool output scanning and redaction. Per D5, it should be integrated into ToolInvoker to scan tool results after execution. This integration is not done.
Design Spec Reference
- §12.3 D5 — add post-tool-call scanning for sensitive data in outputs
Scope
- Wire
OutputScanner into ToolInvoker.invoke_all() post-execution path
- Scan
ToolResult.content for sensitive data patterns
- Redact or flag findings before returning results to the LLM
- Configurable per autonomy level
Summary
OutputScannerexists as a standalone class (security/output_scanner.py) for post-tool output scanning and redaction. Per D5, it should be integrated intoToolInvokerto scan tool results after execution. This integration is not done.Design Spec Reference
Scope
OutputScannerintoToolInvoker.invoke_all()post-execution pathToolResult.contentfor sensitive data patterns