{"title":"Agent Tool-Output Sanitization","region":"Global","category":"Security","description":"Scrub and validate data returned by external tools before it enters the LLM context to prevent indirect injection.","lastUpdated":"2026-02-26","steps":["Validate tool output against expected JSON/Type schema (e.g., Zod or Pydantic).","Scrub PII, credentials, or internal secrets (tokens, keys) from raw tool responses.","Truncate excessive output strings to prevent context window exhaustion.","Neutralize hidden instructions or prompt-injection triggers within tool data.","Convert complex API objects into flat, LLM-readable text representations.","Log sanitization events where data was altered or dropped for security."],"url":"https://checklist.day/agent-tool-output-sanitization"}