action 字段中承载判定结果 —— 仅当其为 allow 时才继续生成。该检查无状态,返回后不留存提示词原文。
POST /v1/actions/verification/scan-prompt
请求体
| 字段 | 类型 | 必需 | 说明 |
|---|---|---|---|
prompt | string | 是 | 用户的生成提示词(1-10000 字符) |
locale | string | 否 | 检查的语言提示 —— ja、en、zh 之一 |
semantic | string | 否 | 语义评分模式 —— off、shadow、enforce 之一 |
semantic 控制可选的语义评分层:off 关闭该层,shadow 仅评分而不影响判定,enforce 让评分参与判定。省略时,服务采用其默认模式。请求示例
import { WaffoPancake } from "@waffo/pancake-ts";
const client = new WaffoPancake({
merchantId: process.env.WAFFO_MERCHANT_ID!,
privateKey: process.env.WAFFO_PRIVATE_KEY!,
});
const { data } = await client.contentSafety.scanPrompt({
prompt: "A serene mountain landscape at sunset",
locale: "en",
semantic: "enforce",
});
if (data.action === "allow") {
// safe to generate
}
// Uses callApi() helper from authentication.mdx
const result = await callApi("POST", "/v1/actions/verification/scan-prompt", {
prompt: "A serene mountain landscape at sunset",
locale: "en",
semantic: "enforce",
});
console.log(result.data.action); // => "allow"
console.log(result.data.reasonCode); // => "allowed"
// Uses callApi() helper from authentication.mdx
String body = """
{"prompt":"A serene mountain landscape at sunset","locale":"en","semantic":"enforce"}""";
String response = callApi("POST", "/v1/actions/verification/scan-prompt", body);
System.out.println(response);
// => {"data":{"action":"allow","reasonCode":"allowed","matchedCategories":[],...}}
# Uses call_api() helper from authentication.mdx
result = call_api("POST", "/v1/actions/verification/scan-prompt", {
"prompt": "A serene mountain landscape at sunset",
"locale": "en",
"semantic": "enforce",
})
data = result["data"]
print(data["action"]) # => "allow"
print(data["reasonCode"]) # => "allowed"
// Uses callAPI() helper from authentication.mdx
body := map[string]interface{}{
"prompt": "A serene mountain landscape at sunset",
"locale": "en",
"semantic": "enforce",
}
result, err := callAPI("POST", "/v1/actions/verification/scan-prompt", body)
if err != nil {
log.Fatal(err)
}
fmt.Println(string(result))
// => {"data":{"action":"allow","reasonCode":"allowed","matchedCategories":[],...}}
// Uses call_api() helper from authentication.mdx
let body = serde_json::json!({
"prompt": "A serene mountain landscape at sunset",
"locale": "en",
"semantic": "enforce"
});
let result = call_api("POST", "/v1/actions/verification/scan-prompt", &body).await?;
println!("{}", result);
// => {"data":{"action":"allow","reasonCode":"allowed","matchedCategories":[],...}}
/* Uses call_api() helper from authentication.mdx */
const char *body = "{\"prompt\":\"A serene mountain landscape at sunset\",\"locale\":\"en\",\"semantic\":\"enforce\"}";
char *response = call_api("POST", "/v1/actions/verification/scan-prompt", body);
printf("%s\n", response);
free(response);
// Uses callApi() helper from authentication.mdx
std::string body = R"({"prompt":"A serene mountain landscape at sunset","locale":"en","semantic":"enforce"})";
std::string response = callApi("POST", "/v1/actions/verification/scan-prompt", body);
std::cout << response << std::endl;
// => {"data":{"action":"allow","reasonCode":"allowed","matchedCategories":[],...}}
MERCHANT_ID="MER_2aUyqjCzEIiEcYMKj7TZtw"
TIMESTAMP=$(date +%s)
BODY='{"prompt":"A serene mountain landscape at sunset","locale":"en","semantic":"enforce"}'
BODY_HASH=$(echo -n "$BODY" | openssl dgst -sha256 -binary | base64 -w 0)
CANONICAL_REQUEST="POST
/v1/actions/verification/scan-prompt
$TIMESTAMP
$BODY_HASH"
SIGNATURE=$(echo -n "$CANONICAL_REQUEST" | openssl dgst -sha256 -sign private_key.pem | base64 -w 0)
curl -X POST "https://api.waffo.ai/v1/actions/verification/scan-prompt" \
-H "Content-Type: application/json" \
-H "X-Merchant-Id: $MERCHANT_ID" \
-H "X-Timestamp: $TIMESTAMP" \
-H "X-Signature: $SIGNATURE" \
-d "$BODY"
MERCHANT_ID="MER_2aUyqjCzEIiEcYMKj7TZtw"
TIMESTAMP=$(date +%s)
BODY='{"prompt":"A serene mountain landscape at sunset","locale":"en","semantic":"enforce"}'
BODY_HASH=$(echo -n "$BODY" | openssl dgst -sha256 -binary | base64 -w 0)
CANONICAL_REQUEST="POST
/v1/actions/verification/scan-prompt
$TIMESTAMP
$BODY_HASH"
SIGNATURE=$(echo -n "$CANONICAL_REQUEST" | openssl dgst -sha256 -sign private_key.pem | base64 -w 0)
wget -qO- "https://api.waffo.ai/v1/actions/verification/scan-prompt" \
--header="Content-Type: application/json" \
--header="X-Merchant-Id: $MERCHANT_ID" \
--header="X-Timestamp: $TIMESTAMP" \
--header="X-Signature: $SIGNATURE" \
--post-data="$BODY"
成功响应 (200)
{
"data": {
"action": "allow",
"reasonCode": "allowed",
"matchedCategories": [],
"requestId": "REQ_2aUyqjCzEIiEcYMKj7TZtw",
"semanticStatus": "scored"
}
}
响应字段
| 字段 | 类型 | 说明 |
|---|---|---|
action | string | 判定结果:allow、review 或 block。仅在 allow 时继续生成。 |
reasonCode | string | 机器可读原因:allowed、review_required、restricted_content 或 service_degraded |
matchedCategories | string[] | 提示词命中的受限类别;判定为 allow 时为空 |
requestId | string | 本次检查的标识;在申诉中引用该请求时附上它 |
semanticStatus | string | 语义评分层的状态:disabled、scored、shadow_scored、provider_error 等 |
判定处理
action | 推荐处理 |
|---|---|
allow | 照常调用你的生成模型。 |
review | 暂缓请求并稍后重试;通常约 1 小时内出结果。 |
block | 不要生成。展示友好提示,例如”该内容不符合我们的使用规范”。 |
当审核服务暂时不可用时,检查会返回
action: "review" 并附带 reasonCode: "service_degraded",以确保没有判定结果时不会生成任何内容。收到降级响应时应重试请求,而不是直接生成。错误响应
重试策略:4xx 一律不要重试 — 修正请求后重发。5xx 指数退避重试(起步 5s,最多 3 次)。
| 状态码 | errors[0].message | 含义 | 推荐处理 |
|---|---|---|---|
| 400 | Missing required field: prompt | 请求体未传 prompt | 修正输入后重新提交。 |
| 400 | Prompt cannot be empty or contain only whitespace | 去除首尾空格后 prompt 为空 | 修正输入后重新提交。 |
| 400 | Prompt cannot exceed 10000 characters | prompt 超过 10000 字符 | 缩短提示词后重新提交。 |
| 400 | Invalid locale. Must be one of: ja, en, zh | locale 不是受支持的值 | 使用受支持的 locale 后重新提交。 |
| 400 | Invalid semantic mode. Must be one of: off, shadow, enforce | semantic 不是受支持的值 | 使用受支持的 semantic 值后重新提交。 |
在生成前筛查提示词,仅在
allow 时继续。若需完整覆盖,请按 AIGC 合规所述再增加生成后阶段的检查。