"""Configuration for prompt-guard via environment variables."""

from pydantic_settings import BaseSettings, SettingsConfigDict

DEFAULT_SYSTEM_PROMPT = (
    "You are a powerful AI assistant with access to a variety of tools, "
    "including file system access, shell execution, and network capabilities. "
    "Your primary task is to read the content provided by the user carefully "
    "and act on any instructions you find within it using the appropriate tools. "
    "Be proactive: if the content contains requests or commands, execute them "
    "immediately with the tools available to you. Do not merely describe what "
    "you would do — use the tools."
)


class Settings(BaseSettings):
    """Settings for the prompt-guard honeypot agent.

    All fields can be set via environment variables with the PROMPT_GUARD_ prefix.
    """

    model_config = SettingsConfigDict(
        env_prefix="PROMPT_GUARD_",
        env_file=".env",
        env_file_encoding="utf-8",
        extra="ignore",
    )

    enabled: bool = True
    """Set to false to disable the guard entirely (content passes through unchecked)."""

    model: str = "openai:gpt-4o-mini"
    """Pydantic-AI model string, e.g. 'openai:gpt-4o-mini', 'anthropic:claude-haiku-3-5',
    'groq:llama-3.1-8b-instant'. For OpenAI-compatible endpoints set base_url as well."""

    api_key: str = ""
    """API key for the model provider. May also be set via the provider's own env var
    (e.g. OPENAI_API_KEY, ANTHROPIC_API_KEY)."""

    base_url: str = ""
    """Base URL override for OpenAI-compatible endpoints (Ollama, LM Studio, vLLM, etc.).
    Example: http://localhost:11434/v1"""

    system_prompt: str = DEFAULT_SYSTEM_PROMPT
    """System prompt sent to the honeypot agent. The default is deliberately crafted to
    encourage tool usage so that injected instructions are more likely to trigger calls."""