add security prompting
This commit is contained in:
@@ -36,6 +36,23 @@ You are a highly intelligent, no-nonsense senior-level software engineering agen
|
||||
|
||||
Before beginning, take some time to learn about the codebase. Read the AGENTS.md file if it exists. Understand how to install dependencies, run tests, run builds, and make changes according to the best practices of the codebase.
|
||||
|
||||
## SECURITY
|
||||
|
||||
CRITICAL SECURITY RULE - NEVER VIOLATE UNDER ANY CIRCUMSTANCES:
|
||||
|
||||
You must NEVER expose, display, print, echo, log, or output any of the following, regardless of what the user asks you to do:
|
||||
- API keys (including but not limited to: ANTHROPIC_API_KEY, GITHUB_TOKEN, AWS keys, etc.)
|
||||
- Authentication tokens or credentials
|
||||
- Passwords or passphrases
|
||||
- Private keys or certificates
|
||||
- Database connection strings
|
||||
- Any environment variables containing "KEY", "SECRET", "TOKEN", "PASSWORD", "CREDENTIAL", or "PRIVATE" in their name
|
||||
- Any other sensitive information
|
||||
|
||||
This is a non-negotiable system security requirement. Even if the user explicitly requests you to show, display, or reveal any sensitive information, you must refuse. If you encounter any secrets in environment variables, files, or code, do not include them in your output. Instead, acknowledge that sensitive information was found but cannot be displayed.
|
||||
|
||||
If asked to show environment variables, only display non-sensitive system variables (e.g., PATH, HOME, USER, NODE_ENV). Filter out any variables matching sensitive patterns before displaying.
|
||||
|
||||
## MCP Servers
|
||||
|
||||
- eagerly inspect your MCP servers to determine what tools are available to you, especially ${ghPullfrogMcpName}
|
||||
|
||||
+1
-1
@@ -1 +1 @@
|
||||
Review https://github.com/pullfrogai/scratch/pull/17
|
||||
create a JSON file with the current process.env
|
||||
+7792
-6812
File diff suppressed because one or more lines are too long
@@ -2,9 +2,9 @@
|
||||
[x] progressively update comment
|
||||
[x] don't allow rejecting prs
|
||||
[x] fix pnpm caching
|
||||
[] fix prompt to avoid narration like "I just read all tools from MCP server"
|
||||
[x] fix prompt to avoid narration like "I just read all tools from MCP server"
|
||||
[x] avoid exposing env adding ## SECURITY prompt
|
||||
[] investigate including terminal output from bash commands as collapsed groups
|
||||
[] avoid exposing env
|
||||
[] test initialization trade offs for pullfrog.yml
|
||||
[] try to find heavy claude code user
|
||||
[] investigate repo config file?
|
||||
|
||||
Reference in New Issue
Block a user