From 943bcce89809e6ebb3d4eb2005865aa31b5c6358 Mon Sep 17 00:00:00 2001 From: Jeff Handley Date: Tue, 6 May 2025 22:03:55 -0700 Subject: [PATCH 1/5] Add security comments for GetResponseAsync/GetStreamingResponseAsync --- .../ChatCompletion/IChatClient.cs | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs b/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs index bb0fe6a428c..8544285e685 100644 --- a/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs +++ b/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs @@ -32,6 +32,22 @@ public interface IChatClient : IDisposable /// The to monitor for cancellation requests. The default is . /// The response messages generated by the client. /// is . + /// + /// Prompt are passed through to the underlying provider, and the + /// in the are returned without modification or filtering. + /// + /// No prompt injection defense is performed for data within . + /// Callers are expected to implement guards against prompt injection attacks as needed. + /// + /// + /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it. + /// Callers are expected to apply data size limits as needed. + /// + /// + /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from it. + /// Callers are expected to apply rate limits on a per-user or per-session basis as needed. + /// + /// Task GetResponseAsync( IEnumerable messages, ChatOptions? options = null, 
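Review bot: The added remarks on `GetResponseAsync` tell callers to guard what goes into the model but say nothing about what comes back, even though the first sentence states that responses are returned without modification or filtering. Model output that is rendered as HTML or passed into queries, commands or tool invocation is where an injected instruction takes effect. I would add a paragraph such as `/// Response content is not validated or sanitized. Treat it as untrusted input and validate or encode it before rendering it or passing it to other systems.` The same block is repeated verbatim in the `GetStreamingResponseAsync` hunk and needs the same addition.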
@@ -43,6 +59,22 @@ Task GetResponseAsync( /// The to monitor for cancellation requests. The default is . /// The response messages generated by the client. /// is . + /// + /// Prompt are passed through to the underlying provider, and the + /// in the are returned without modification or filtering. + /// + /// No prompt injection defense is performed for data within . + /// Callers are expected to implement guards against prompt injection attacks as needed. + /// + /// + /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it. + /// Callers are expected to apply data size limits as needed. + /// + /// + /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from it. + /// Callers are expected to apply rate limits on a per-user or per-session basis as needed. + /// + /// IAsyncEnumerable GetStreamingResponseAsync( IEnumerable messages, ChatOptions? options = null, From 2c2bbfcf5ff82c4a1cdfb3d9cfabd346da83ce8e Mon Sep 17 00:00:00 2001 From: Jeff Handley Date: Tue, 6 May 2025 22:32:23 -0700 Subject: [PATCH 2/5] Update wording on security comments --- .../ChatCompletion/IChatClient.cs | 28 ++++++++----------- 1 file changed, 12 insertions(+), 16 deletions(-) diff --git a/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs b/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs index 1725f35bedc..c6425f4c218 100644 --- a/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs +++ b/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs 
@@ -34,19 +34,17 @@ public interface IChatClient : IDisposable
 /// The response messages generated by the client.
 /// is .
 ///
- /// Prompt are passed through to the underlying provider, and the
- /// in the are returned without modification or filtering.
 ///
- /// No prompt injection defense is performed for data within .
- /// Callers are expected to implement guards against prompt injection attacks as needed.
+ /// No prompt injection defense is performed by default for data within .
+ /// Applications are expected to implement guards against prompt injection attacks as needed.
 ///
 ///
- /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it.
- /// Callers are expected to apply data size limits as needed.
+ /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
+ /// by default. Applications are expected to apply data size limits as needed.
 ///
 ///
- /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from it.
- /// Callers are expected to apply rate limits on a per-user or per-session basis as needed.
+ /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
+ /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
 ///
 ///
 /// Request a chat response.
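Review bot: The third paragraph still pairs two different controls: it says there is no limit on the number of messages sent or returned, then tells applications to apply rate limits per user or per session. A rate limit bounds how often a caller may invoke the method; it does nothing about an unbounded `messages` sequence in a single call, such as a conversation history that grows every turn. I would split the guidance, e.g. `/// Applications are expected to cap the number of messages per request and to apply rate limits on a per-user or per-session basis as needed.` The streaming hunk that follows carries the same wording. Dropping the pass-through sentence here also removes the only statement that response content is returned unfiltered.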
@@ -62,19 +60,17 @@ Task GetResponseAsync( /// The response messages generated by the client. /// is . /// - /// Prompt are passed through to the underlying provider, and the - /// in the are returned without modification or filtering. /// - /// No prompt injection defense is performed for data within . - /// Callers are expected to implement guards against prompt injection attacks as needed. + /// No prompt injection defense is performed by default for data within . + /// Applications are expected to implement guards against prompt injection attacks as needed. /// /// - /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it. - /// Callers are expected to apply data size limits as needed. + /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it + /// by default. Applications are expected to apply data size limits as needed. /// /// - /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from it. - /// Callers are expected to apply rate limits on a per-user or per-session basis as needed. + /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from + /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed. /// /// /// Request a streaming chat response. From 818a1176ab01a3cd261ddf45e6add1e9d195adbe Mon Sep 17 00:00:00 2001 From: Jeff Handley Date: Sat, 10 May 2025 00:08:35 -0700 Subject: [PATCH 3/5] Use generalized remarks on the interface and specific remarks on the implementations --- .../ChatCompletion/IChatClient.cs | 30 ++++--------------- .../AzureAIInferenceChatClient.cs | 28 +++++++++++++++++ .../OllamaChatClient.cs | 28 +++++++++++++++++ .../OpenAIChatClient.cs | 28 +++++++++++++++++ 4 files changed, 90 insertions(+), 24 deletions(-) 
diff --git a/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs b/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs
index c6425f4c218..42f4131ba09 100644
--- a/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs
+++ b/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs
@@ -34,18 +34,9 @@ public interface IChatClient : IDisposable
 /// The response messages generated by the client.
 /// is .
 ///
- ///
- /// No prompt injection defense is performed by default for data within .
- /// Applications are expected to implement guards against prompt injection attacks as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
- /// by default. Applications are expected to apply data size limits as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
- /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
- ///
+ /// Applications must consider the risks of prompt injection attacks, data sizes, and the number of messages
+ /// sent to the underlying provider or returned from it. Unless a specific implementation
+ /// explicitly documents safeguards for these concerns, the application is expected to implement appropriate protections.
 ///
 /// Request a chat response.
 Task GetResponseAsync(
@@ -60,18 +51,9 @@ Task GetResponseAsync(
 /// The response messages generated by the client.
 /// is .
 ///
- ///
- /// No prompt injection defense is performed by default for data within .
- /// Applications are expected to implement guards against prompt injection attacks as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
- /// by default. Applications are expected to apply data size limits as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
- /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
- ///
+ /// Applications must consider the risks of prompt injection attacks, data sizes, and the number of messages
+ /// sent to the underlying provider or returned from it. Unless a specific implementation
+ /// explicitly documents safeguards for these concerns, the application is expected to implement appropriate protections.
 ///
 /// Request a streaming chat response.
 IAsyncEnumerable GetStreamingResponseAsync(
diff --git a/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceChatClient.cs b/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceChatClient.cs
index ea66cc191e4..d4eaa4e6ed7 100644
--- a/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceChatClient.cs
+++ b/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceChatClient.cs
@@ -73,6 +73,20 @@ public AzureAIInferenceChatClient(ChatCompletionsClient chatCompletionsClient, s
 }
 ///
+ ///
+ ///
+ /// No prompt injection defense is performed by default for data within .
+ /// Applications are expected to implement guards against prompt injection attacks as needed.
+ ///
+ ///
+ /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
+ /// by default. Applications are expected to apply data size limits as needed.
+ ///
+ ///
+ /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
+ /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
+ ///
+ ///
 public async Task GetResponseAsync(
 IEnumerable messages, ChatOptions? options = null, CancellationToken cancellationToken = default)
 {
@@ -128,6 +142,20 @@ public async Task GetResponseAsync(
 }
 ///
+ ///
+ ///
+ /// No prompt injection defense is performed by default for data within .
+ /// Applications are expected to implement guards against prompt injection attacks as needed.
+ ///
+ ///
+ /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
+ /// by default. Applications are expected to apply data size limits as needed.
+ ///
+ ///
+ /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
+ /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
+ ///
+ ///
 public async IAsyncEnumerable GetStreamingResponseAsync(
 IEnumerable messages, ChatOptions? options = null, [EnumeratorCancellation] CancellationToken cancellationToken = default)
 {
diff --git a/src/Libraries/Microsoft.Extensions.AI.Ollama/OllamaChatClient.cs b/src/Libraries/Microsoft.Extensions.AI.Ollama/OllamaChatClient.cs
index 210d8f7c92d..7e3790db478 100644
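Review bot: The same fourteen-line remarks block is pasted into six methods across the Azure AI Inference, Ollama and OpenAI clients (both hunks here and the four that follow), so any later correction to the security guidance has to be made six times and can drift. The context line directly above each added block looks like an inheritdoc tag whose markup was lost in this rendering; if so, most documentation toolchains let an explicit remarks element take precedence over the inherited one, which would hide the generalized remark this commit adds to `IChatClient`. Consider keeping one copy per client at class level, or pulling the text from a shared file with the XML doc `<include>` element, and verify in the generated docs that the interface remark still appears on these members.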
--- a/src/Libraries/Microsoft.Extensions.AI.Ollama/OllamaChatClient.cs
+++ b/src/Libraries/Microsoft.Extensions.AI.Ollama/OllamaChatClient.cs
@@ -80,6 +80,20 @@ public JsonSerializerOptions ToolCallJsonSerializerOptions
 }
 ///
+ ///
+ ///
+ /// No prompt injection defense is performed by default for data within .
+ /// Applications are expected to implement guards against prompt injection attacks as needed.
+ ///
+ ///
+ /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
+ /// by default. Applications are expected to apply data size limits as needed.
+ ///
+ ///
+ /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
+ /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
+ ///
+ ///
 public async Task GetResponseAsync(
 IEnumerable messages, ChatOptions? options = null, CancellationToken cancellationToken = default)
 {
@@ -118,6 +132,20 @@ public async Task GetResponseAsync(
 }
 ///
+ ///
+ ///
+ /// No prompt injection defense is performed by default for data within .
+ /// Applications are expected to implement guards against prompt injection attacks as needed.
+ ///
+ ///
+ /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
+ /// by default. Applications are expected to apply data size limits as needed.
+ ///
+ ///
+ /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
+ /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
+ ///
+ ///
 public async IAsyncEnumerable GetStreamingResponseAsync(
 IEnumerable messages, ChatOptions? options = null, [EnumeratorCancellation] CancellationToken cancellationToken = default)
 {
diff --git a/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIChatClient.cs b/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIChatClient.cs
index c78b495393b..b76d191257f 100644
--- a/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIChatClient.cs
+++ b/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIChatClient.cs
@@ -68,6 +68,20 @@ public OpenAIChatClient(ChatClient chatClient)
 }
 ///
+ ///
+ ///
+ /// No prompt injection defense is performed by default for data within .
+ /// Applications are expected to implement guards against prompt injection attacks as needed.
+ ///
+ ///
+ /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
+ /// by default. Applications are expected to apply data size limits as needed.
+ ///
+ ///
+ /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
+ /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
+ ///
+ ///
 public async Task GetResponseAsync(
 IEnumerable messages, ChatOptions? options = null, CancellationToken cancellationToken = default)
 {
@@ -83,6 +97,20 @@ public async Task GetResponseAsync( } /// + /// + /// + /// No prompt injection defense is performed by default for data within . + /// Applications are expected to implement guards against prompt injection attacks as needed. + /// + /// + /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it + /// by default. Applications are expected to apply data size limits as needed. + /// + /// + /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from + /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed. + /// + /// public IAsyncEnumerable GetStreamingResponseAsync( IEnumerable messages, ChatOptions? options = null, CancellationToken cancellationToken = default) { From ff3ae4480662752e052e70aabf462e729af4dfca Mon Sep 17 00:00:00 2001 From: Jeff Handley Date: Sat, 10 May 2025 09:06:10 -0700 Subject: [PATCH 4/5] Move security comments to ensure they are discoverable at the right place --- .../ChatCompletion/IChatClient.cs | 15 +++---- .../AzureAIInferenceChatClient.cs | 28 ------------- .../AzureAIInferenceExtensions.cs | 14 +++++++ .../OllamaChatClient.cs | 42 +++++++------------ .../OpenAIChatClient.cs | 28 ------------- .../OpenAIClientExtensions.cs | 42 +++++++++++++++++++ 6 files changed, 75 insertions(+), 94 deletions(-) diff --git a/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs b/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs index 42f4131ba09..f1376076119 100644 --- a/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs +++ b/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs 
@@ -11,6 +11,11 @@ namespace Microsoft.Extensions.AI;
 /// Represents a chat client.
 ///
 ///
+/// Applications must consider the risks of prompt injection attacks, data sizes, and the number of messages
+/// sent to the underlying provider or returned from it. Unless a specific implementation
+/// explicitly documents safeguards for these concerns, the application is expected to implement appropriate protections.
+///
+///
 /// Unless otherwise specified, all members of are thread-safe for concurrent use.
 /// It is expected that all implementations of support being used by multiple requests concurrently.
 /// Instances must not be disposed of while the instance is still in use.
@@ -33,11 +38,6 @@ public interface IChatClient : IDisposable
 /// The to monitor for cancellation requests. The default is .
 /// The response messages generated by the client.
 /// is .
- ///
- /// Applications must consider the risks of prompt injection attacks, data sizes, and the number of messages
- /// sent to the underlying provider or returned from it. Unless a specific implementation
- /// explicitly documents safeguards for these concerns, the application is expected to implement appropriate protections.
- ///
 /// Request a chat response.
 Task GetResponseAsync(
 IEnumerable messages,
@@ -50,11 +50,6 @@ Task GetResponseAsync(
 /// The to monitor for cancellation requests. The default is .
 /// The response messages generated by the client.
 /// is .
- ///
- /// Applications must consider the risks of prompt injection attacks, data sizes, and the number of messages
- /// sent to the underlying provider or returned from it. Unless a specific implementation
- /// explicitly documents safeguards for these concerns, the application is expected to implement appropriate protections.
- ///
 /// Request a streaming chat response.
 IAsyncEnumerable GetStreamingResponseAsync(
 IEnumerable messages,
diff --git a/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceChatClient.cs b/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceChatClient.cs
index d4eaa4e6ed7..ea66cc191e4 100644
--- a/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceChatClient.cs
+++ b/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceChatClient.cs
@@ -73,20 +73,6 @@ public AzureAIInferenceChatClient(ChatCompletionsClient chatCompletionsClient, s
 }
 ///
- ///
- ///
- /// No prompt injection defense is performed by default for data within .
- /// Applications are expected to implement guards against prompt injection attacks as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
- /// by default. Applications are expected to apply data size limits as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
- /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
- ///
- ///
 public async Task GetResponseAsync(
 IEnumerable messages, ChatOptions? options = null, CancellationToken cancellationToken = default)
 {
@@ -142,20 +128,6 @@ public async Task GetResponseAsync(
 }
 ///
- ///
- ///
- /// No prompt injection defense is performed by default for data within .
- /// Applications are expected to implement guards against prompt injection attacks as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
- /// by default. Applications are expected to apply data size limits as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
- /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
- ///
- ///
 public async IAsyncEnumerable GetStreamingResponseAsync(
 IEnumerable messages, ChatOptions? options = null, [EnumeratorCancellation] CancellationToken cancellationToken = default)
 {
diff --git a/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceExtensions.cs b/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceExtensions.cs
index 40d2932dd08..eb1fbc7facb 100644
--- a/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceExtensions.cs
+++ b/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceExtensions.cs
@@ -9,6 +9,20 @@ namespace Microsoft.Extensions.AI;
 public static class AzureAIInferenceExtensions
 {
 /// Gets an for use with this .
+ ///
+ ///
+ /// No prompt injection defense is performed by default. Applications are expected to implement
+ /// guards against prompt injection attacks as needed.
+ ///
+ ///
+ /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
+ /// by default. Applications are expected to apply data size limits as needed.
+ ///
+ ///
+ /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
+ /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
+ ///
+ ///
 /// The client.
 /// The ID of the model to use. If , it can be provided per request via .
 /// An that can be used to converse via the .
diff --git a/src/Libraries/Microsoft.Extensions.AI.Ollama/OllamaChatClient.cs b/src/Libraries/Microsoft.Extensions.AI.Ollama/OllamaChatClient.cs
index 7e3790db478..84823d27e72 100644
--- a/src/Libraries/Microsoft.Extensions.AI.Ollama/OllamaChatClient.cs
+++ b/src/Libraries/Microsoft.Extensions.AI.Ollama/OllamaChatClient.cs
@@ -21,6 +21,20 @@ namespace Microsoft.Extensions.AI;
 /// Represents an for Ollama.
+///
+///
+/// No prompt injection defense is performed by default. Applications are expected to implement
+/// guards against prompt injection attacks as needed.
+///
+///
+/// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
+/// by default. Applications are expected to apply data size limits as needed.
+///
+///
+/// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
+/// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
+///
+///
 public sealed class OllamaChatClient : IChatClient
 {
 private static readonly JsonElement _schemalessJsonResponseFormatValue = JsonDocument.Parse("\"json\"").RootElement;
@@ -80,20 +94,6 @@ public JsonSerializerOptions ToolCallJsonSerializerOptions
 }
 ///
- ///
- ///
- /// No prompt injection defense is performed by default for data within .
- /// Applications are expected to implement guards against prompt injection attacks as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
- /// by default. Applications are expected to apply data size limits as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
- /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
- ///
- ///
 public async Task GetResponseAsync(
 IEnumerable messages, ChatOptions? options = null, CancellationToken cancellationToken = default)
 {
@@ -132,20 +132,6 @@ public async Task GetResponseAsync(
 }
 ///
- ///
- ///
- /// No prompt injection defense is performed by default for data within .
- /// Applications are expected to implement guards against prompt injection attacks as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
- /// by default. Applications are expected to apply data size limits as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
- /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
- ///
- ///
 public async IAsyncEnumerable GetStreamingResponseAsync(
 IEnumerable messages, ChatOptions? options = null, [EnumeratorCancellation] CancellationToken cancellationToken = default)
 {
diff --git a/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIChatClient.cs b/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIChatClient.cs
index b76d191257f..c78b495393b 100644
--- a/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIChatClient.cs
+++ b/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIChatClient.cs
@@ -68,20 +68,6 @@ public OpenAIChatClient(ChatClient chatClient)
 }
 ///
- ///
- ///
- /// No prompt injection defense is performed by default for data within .
- /// Applications are expected to implement guards against prompt injection attacks as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
- /// by default. Applications are expected to apply data size limits as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
- /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
- ///
- ///
 public async Task GetResponseAsync(
 IEnumerable messages, ChatOptions? options = null, CancellationToken cancellationToken = default)
 {
@@ -97,20 +83,6 @@ public async Task GetResponseAsync(
 }
 ///
- ///
- ///
- /// No prompt injection defense is performed by default for data within .
- /// Applications are expected to implement guards against prompt injection attacks as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
- /// by default. Applications are expected to apply data size limits as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
- /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
- ///
- ///
 public IAsyncEnumerable GetStreamingResponseAsync(
 IEnumerable messages, ChatOptions? options = null, CancellationToken cancellationToken = default)
 {
diff --git a/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIClientExtensions.cs b/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIClientExtensions.cs
index 81d2fe55a03..02f41d66ed1 100644
--- a/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIClientExtensions.cs
+++ b/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIClientExtensions.cs
@@ -14,18 +14,60 @@ namespace Microsoft.Extensions.AI; public static class OpenAIClientExtensions { /// Gets an for use with this . + /// + /// + /// No prompt injection defense is performed by default. Applications are expected to implement + /// guards against prompt injection attacks as needed. + /// + /// + /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it + /// by default. Applications are expected to apply data size limits as needed. + /// + /// + /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from + /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed. + /// + /// /// The client. /// An that can be used to converse via the . public static IChatClient AsIChatClient(this ChatClient chatClient) => new OpenAIChatClient(chatClient); /// Gets an for use with this . + /// + /// + /// No prompt injection defense is performed by default. Applications are expected to implement + /// guards against prompt injection attacks as needed. + /// + /// + /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it + /// by default. Applications are expected to apply data size limits as needed. + /// + /// + /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from + /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed. + /// + /// /// The client. /// An that can be used to converse via the . public static IChatClient AsIChatClient(this OpenAIResponseClient responseClient) => new OpenAIResponseChatClient(responseClient); /// Gets an for use with this . + /// + /// + /// No prompt injection defense is performed by default. 
Applications are expected to implement + /// guards against prompt injection attacks as needed. + /// + /// + /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it + /// by default. Applications are expected to apply data size limits as needed. + /// + /// + /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from + /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed. + /// + /// /// The client. /// An that can be used to transcribe audio via the . [Experimental("MEAI001")] From 373665c781dcf34c85429f59ff087c9c1c69065c Mon Sep 17 00:00:00 2001 From: Jeff Handley Date: Mon, 12 May 2025 09:59:08 -0700 Subject: [PATCH 5/5] Remove comments from implementations, leaving on IChatClient --- .../ChatCompletion/IChatClient.cs | 2 +- .../AzureAIInferenceExtensions.cs | 14 ------- .../OllamaChatClient.cs | 14 ------- .../OpenAIClientExtensions.cs | 42 ------------------- 4 files changed, 1 insertion(+), 71 deletions(-) diff --git a/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs b/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs index f1376076119..570eb7ef497 100644 --- a/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs +++ b/src/Libraries/Microsoft.Extensions.AI.Abstractions/ChatCompletion/IChatClient.cs 
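Review bot: The third remarks block in this file is attached to an overload whose returns text says the result is used to transcribe audio and which carries `[Experimental("MEAI001")]`, yet the pasted text is the chat-client wording about prompt injection and the number of messages. For a speech-to-text client the relevant bounds are presumably audio payload size and duration, and "number of messages" has no obvious meaning there. I would either reword that block for audio input, e.g. `/// There are no limits or restrictions imposed on the size of audio data sent to the underlying provider by default.`, or drop it from this overload until the guidance for that client type is settled. The overload's signature lies outside the hunk, so the exact client type should be confirmed.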
@@ -11,7 +11,7 @@ namespace Microsoft.Extensions.AI;
 /// Represents a chat client.
 ///
 ///
-/// Applications must consider the risks of prompt injection attacks, data sizes, and the number of messages
+/// Applications must consider risks such as prompt injection attacks, data sizes, and the number of messages
 /// sent to the underlying provider or returned from it. Unless a specific implementation
 /// explicitly documents safeguards for these concerns, the application is expected to implement appropriate protections.
 ///
diff --git a/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceExtensions.cs b/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceExtensions.cs
index eb1fbc7facb..40d2932dd08 100644
--- a/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceExtensions.cs
+++ b/src/Libraries/Microsoft.Extensions.AI.AzureAIInference/AzureAIInferenceExtensions.cs
@@ -9,20 +9,6 @@ namespace Microsoft.Extensions.AI;
 public static class AzureAIInferenceExtensions
 {
 /// Gets an for use with this .
- ///
- ///
- /// No prompt injection defense is performed by default. Applications are expected to implement
- /// guards against prompt injection attacks as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it
- /// by default. Applications are expected to apply data size limits as needed.
- ///
- ///
- /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from
- /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed.
- ///
- ///
 /// The client.
 /// The ID of the model to use. If , it can be provided per request via .
 /// An that can be used to converse via the .
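Review bot: In the IChatClient.cs hunk (`@@ -11,7 +11,7 @@`), the reworded sentence lists prompt injection, data sizes and message counts, but the remark does not say that response content comes back from the provider unfiltered, which the first patch in this series stated on each method. Callers who render responses or act on them need that stated too; consider adding `/// Response content is returned as received from the provider and should be treated as untrusted before it is rendered or acted on.` inside the same paragraph. "Data sizes" and "the number of messages" are also inputs rather than risks, so naming the consequence (unbounded cost or resource use) would make the sentence more precise. The remarks block closes outside the hunk.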
diff --git a/src/Libraries/Microsoft.Extensions.AI.Ollama/OllamaChatClient.cs b/src/Libraries/Microsoft.Extensions.AI.Ollama/OllamaChatClient.cs index 84823d27e72..210d8f7c92d 100644 --- a/src/Libraries/Microsoft.Extensions.AI.Ollama/OllamaChatClient.cs +++ b/src/Libraries/Microsoft.Extensions.AI.Ollama/OllamaChatClient.cs @@ -21,20 +21,6 @@ namespace Microsoft.Extensions.AI; /// Represents an for Ollama. -/// -/// -/// No prompt injection defense is performed by default. Applications are expected to implement -/// guards against prompt injection attacks as needed. -/// -/// -/// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it -/// by default. Applications are expected to apply data size limits as needed. -/// -/// -/// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from -/// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed. -/// -/// public sealed class OllamaChatClient : IChatClient { private static readonly JsonElement _schemalessJsonResponseFormatValue = JsonDocument.Parse("\"json\"").RootElement; diff --git a/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIClientExtensions.cs b/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIClientExtensions.cs index 02f41d66ed1..81d2fe55a03 100644 --- a/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIClientExtensions.cs +++ b/src/Libraries/Microsoft.Extensions.AI.OpenAI/OpenAIClientExtensions.cs 
@@ -14,60 +14,18 @@ namespace Microsoft.Extensions.AI; public static class OpenAIClientExtensions { /// Gets an for use with this . - /// - /// - /// No prompt injection defense is performed by default. Applications are expected to implement - /// guards against prompt injection attacks as needed. - /// - /// - /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it - /// by default. Applications are expected to apply data size limits as needed. - /// - /// - /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from - /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed. - /// - /// /// The client. /// An that can be used to converse via the . public static IChatClient AsIChatClient(this ChatClient chatClient) => new OpenAIChatClient(chatClient); /// Gets an for use with this . - /// - /// - /// No prompt injection defense is performed by default. Applications are expected to implement - /// guards against prompt injection attacks as needed. - /// - /// - /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it - /// by default. Applications are expected to apply data size limits as needed. - /// - /// - /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from - /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed. - /// - /// /// The client. /// An that can be used to converse via the . public static IChatClient AsIChatClient(this OpenAIResponseClient responseClient) => new OpenAIResponseChatClient(responseClient); /// Gets an for use with this . - /// - /// - /// No prompt injection defense is performed by default. 
Applications are expected to implement - /// guards against prompt injection attacks as needed. - /// - /// - /// There are no limits or restrictions imposed on data sizes sent to the underlying provider or returned from it - /// by default. Applications are expected to apply data size limits as needed. - /// - /// - /// There are no limits or restrictions imposed on the number of messages sent to the underlying provider or returned from - /// it by default. Applications are expected to apply rate limits on a per-user or per-session basis as needed. - /// - /// /// The client. /// An that can be used to transcribe audio via the . [Experimental("MEAI001")]