fix(ops): 添加 token 相关字段白名单避免误脱敏

在敏感字段检测中添加白名单，排除 API 参数和用量统计字段： - max_tokens, max_completion_tokens, max_output_tokens - completion_tokens, prompt_tokens, total_tokens - input_tokens, output_tokens - cache_creation_input_tokens, cache_read_input_tokens 这些字段名虽然包含 "token" 但只是数值参数，不应被脱敏处理。

fix(ops): 添加 token 相关字段白名单避免误脱敏
在敏感字段检测中添加白名单，排除 API 参数和用量统计字段： - max_tokens, max_completion_tokens, max_output_tokens - completion_tokens, prompt_tokens, total_tokens - input_tokens, output_tokens - cache_creation_input_tokens, cache_read_input_tokens 这些字段名虽然包含 "token" 但只是数值参数，不应被脱敏处理。
9f4c1ef9 · shaw · bd7fdb5e · 9f4c1ef9
Commit 9f4c1ef9 authored Feb 06, 2026 by shaw
--- a/backend/internal/service/ops_service.go
+++ b/backend/internal/service/ops_service.go
@@ -424,6 +424,16 @@ func isSensitiveKey(key string) bool {
 		return false
 	}

+	// Whitelist: known non-sensitive fields that contain sensitive substrings
+	// (e.g., "max_tokens" contains "token" but is just an API parameter).
+	switch k {
+	case "max_tokens", "max_completion_tokens", "max_output_tokens",
+		"completion_tokens", "prompt_tokens", "total_tokens",
+		"input_tokens", "output_tokens",
+		"cache_creation_input_tokens", "cache_read_input_tokens":
+		return false
+	}
+
 	// Exact matches (common credential fields).
 	switch k {
 	case "authorization",