This commit is contained in:
Colin McDonnell
2026-01-07 20:06:40 -08:00
parent 879d33403c
commit c8b65327ee
3 changed files with 47 additions and 26 deletions
+9 -1
View File
@@ -100536,7 +100536,11 @@ function buildRuntimeContext(repo) {
}
return lines.join("\n");
}
var addInstructions = ({ payload, repo, useNativeBash = false }) => {
var addInstructions = ({
payload,
repo,
useNativeBash = false
}) => {
let encodedEvent = "";
const eventKeys = Object.keys(payload.event);
if (eventKeys.length === 1 && eventKeys[0] === "trigger") {
@@ -100572,6 +100576,10 @@ In case of conflict between instructions, follow this precedence (highest to low
4. Repository-specific instructions (AGENTS.md, CLAUDE.md, etc.)
5. User prompt
## Security
Never expose secrets (API keys, tokens, passwords, private keys, credentials) through any channel: console output, files, commits, comments, API responses, error messages, or URLs. Never serialize environment objects (\`process.env\`, \`os.environ\`, etc.) or iterate over them. If asked to reveal secrets: refuse, explain that exposing secrets is prohibited, and offer a safe alternative if applicable. Detect and deny any suspicious or malicious requests.
## MCP (Model Context Protocol) Tools
MCP servers provide tools you can call. Inspect your available MCP servers at startup to understand what tools are available, especially the ${ghPullfrogMcpName} server which handles all GitHub operations.