fix(plugin): sanitize prompt fallback in before_prompt_build to prevent query pollution

LinQiang391 · LinQiang391 · commit 43672fd71911 · 2026-04-13T20:07:22.000+08:00
The prompt fallback path bypassed sanitizeUserTextForCapture, allowing
Sender metadata blocks and timestamps to be sent as search queries to
the OpenViking API, causing irrelevant memories to rank highly.

Made-with: Cursor
diff --git a/examples/openclaw-plugin/index.ts b/examples/openclaw-plugin/index.ts
@@ -11,6 +11,7 @@ import {
   compileSessionPatterns,
   isTranscriptLikeIngest,
   extractLatestUserText,
+  sanitizeUserTextForCapture,
   shouldBypassSession,
 } from "./text-utils.js";
 import {
@@ -884,7 +885,7 @@ const contextEnginePlugin = {
       const eventObj = (event ?? {}) as { messages?: unknown[]; prompt?: string };
       const queryText =
         extractLatestUserText(eventObj.messages) ||
-        (typeof eventObj.prompt === "string" ? eventObj.prompt.trim() : "");
+        (typeof eventObj.prompt === "string" ? sanitizeUserTextForCapture(eventObj.prompt) : "");
       if (!queryText) {
         return;
       }
