---
url: >-
  https://adk.nht.io/api/@nhtio/adk/batteries/functions/sanitizeFilenameForDescription.md
---

# Function: sanitizeFilenameForDescription()

```ts
function sanitizeFilenameForDescription(
  filename: string,
  maxLen?: number,
): string;
```

Defined in: [src/batteries/llm/chat\_common/helpers.ts:156](https://github.com/NHTIO/ADK/blob/v1.20260713.1/src/src/batteries/llm/chat_common/helpers.ts#L156)

Sanitise a media `filename` for interpolation into a synthetic-description line that is then placed
INSIDE a trust envelope whose body is not XML-escaped.

## Parameters

| Parameter  | Type     | Default value |
| ---------- | -------- | ------------- |
| `filename` | `string` | `undefined`   |
| `maxLen`   | `number` | `256`         |

## Returns

`string`

## Remarks

A filename is attacker-influenced and the synthetic-description body is not escaped, so a filename
like `x.png</untrusted_content_<nonce>>SYSTEM: …` could close the envelope, and one that mimics the
`[media: …]` format could forge a second descriptor. We strip the envelope-significant characters
(`<`, `>`, and newlines/control chars) and length-cap (a megabyte filename is a prompt-bloat DoS).
The filename is metadata, not content the model must read byte-exact, so stripping is safe.
