Fix PII detection to scan all message roles (#25)
Previously, PII detection only scanned the last user message initially,
then did a full scan only if PII was found. This caused PII in system
messages (e.g., RAG context from PDFs) to be missed entirely when the
user message contained no PII.
Changes:
- Consolidate analyzeMessages() to always scan all messages
- Scan system, developer, user, and assistant roles
- Remove analyzeAllMessages() as it's no longer needed
- Simplify decision.ts by removing the redundant full scan call
This ensures PII in system messages (common in RAG patterns) is properly
detected and masked before being sent to upstream LLMs.
Fixes #17
git.99rst.org / sgasser-llm-shield.git / commit