9156237923
All dispatch prompts now instruct agents to read CODEX.md (mandatory patterns) and .core/reference/docs/RFC.md (full API contract) before starting work. These files were already in the workspace template but agents were never told to read them. Also fixes stale references: src/ → repo/, coreerr.E() → core.E(). Co-Authored-By: Virgil <virgil@lethean.io>
15 lines
594 B
Markdown
15 lines
594 B
Markdown
## SANDBOX: You are restricted to this directory only. No absolute paths, no cd .., no editing outside repo/.
|
|
|
|
Read CODEX.md and .core/reference/docs/RFC.md for the Core framework spec.
|
|
Read CLAUDE.md for project context.
|
|
Review all Go files in repo/ for security issues:
|
|
- Path traversal vulnerabilities
|
|
- Unvalidated input
|
|
- SQL injection (if applicable)
|
|
- Hardcoded credentials or tokens
|
|
- Unsafe type assertions
|
|
- Missing error checks
|
|
- Race conditions (shared state without mutex)
|
|
- Unsafe use of os/exec
|
|
|
|
Report findings with severity (critical/high/medium/low) and file:line references.
|