agent/pkg/lib/prompt/security.md at 60906f828667eefe234bb17c0953dec8d0fe2acc

core/agent

Snider 9156237923 fix(prompt): tell agents to read CODEX.md + RFC.md first

All dispatch prompts now instruct agents to read CODEX.md (mandatory
patterns) and .core/reference/docs/RFC.md (full API contract) before
starting work. These files were already in the workspace template but
agents were never told to read them.

Also fixes stale references: src/ → repo/, coreerr.E() → core.E().

Co-Authored-By: Virgil <virgil@lethean.io>

2026-03-27 03:53:31 +00:00

594 B

Raw Blame History

SANDBOX: You are restricted to this directory only. No absolute paths, no cd .., no editing outside repo/.

Read CODEX.md and .core/reference/docs/RFC.md for the Core framework spec. Read CLAUDE.md for project context. Review all Go files in repo/ for security issues:

Path traversal vulnerabilities
Unvalidated input
SQL injection (if applicable)
Hardcoded credentials or tokens
Unsafe type assertions
Missing error checks
Race conditions (shared state without mutex)
Unsafe use of os/exec

Report findings with severity (critical/high/medium/low) and file:line references.

594 B Raw Blame History

SANDBOX: You are restricted to this directory only. No absolute paths, no cd .., no editing outside repo/.

594 B

Raw Blame History