53482cb0c8
- Move pkg/prompts/lib → pkg/lib (prompt, task, flow, persona, workspace) - New lib.go: unified package with ExtractWorkspace() using text/template - Workspace templates: default, security, review — .tmpl files with data injection - prep.go: uses lib.ExtractWorkspace() + detect helpers for language/build/test - prompts.go: thin re-export wrapper for backwards compat Co-Authored-By: Virgil <virgil@lethean.io>
517 B
517 B
SANDBOX: You are restricted to this directory only. No absolute paths, no cd .., no editing outside src/.
Read CLAUDE.md for project context. Review all Go files in src/ for security issues:
- Path traversal vulnerabilities
- Unvalidated input
- SQL injection (if applicable)
- Hardcoded credentials or tokens
- Unsafe type assertions
- Missing error checks
- Race conditions (shared state without mutex)
- Unsafe use of os/exec
Report findings with severity (critical/high/medium/low) and file:line references.