Shrine

Best place to sanitize the JSON data of uploaded file

The input field for the JSON of a cached uploaded file, me be subject to abuse.
I want to filter invalid characters in filename, like \n, \r, or invalid windows characters; limit the filename size; impose other limits to the received metadata because the user may send MB of metadata garbage that ends up stored inside the database; sanitize and reinforce security for provided id and storage keys.

I’m trying to figure out the best place to make this filtering of the JSON contents.
If a have a model with an image attribute, maybe add a validation to image_data attribute, but when this attribute will be picked up or updated by shrine?
I think the best place should be inside ImageUploader where the file validations are performed, but I don’t know where to catch the JSON before is processed by shrine.
One possibility is sanitizing inside the app controller, as reinforcement of the accepted strong params as my concern start with the param that is comming in, but that does not fell right and should be a validation of model record attribute like any other.

I appreciate any suggestions.
Thank you.