fix: cubic-dev-ai round 2 — 3 issues across SKILL.md + pruning

P1: Gate message asked for raw production data records — changed to
    "redacted or synthetic values" to prevent sensitive data exfiltration

P2: SKILL.md description now includes MultiEdit (was missing after
    MultiEdit gate was added in previous commit)

P2: Session key pruning now caps __prefixed keys at 50 to prevent
    unbounded growth even in theoretical edge cases

9/9 tests pass.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
seto
2026-04-13 16:11:33 +09:00
parent 5540282dcb
commit 4dbed5ff5b
2 changed files with 7 additions and 4 deletions


@@ -64,7 +64,10 @@ function saveState(state) {
if (state.checked.length > MAX_CHECKED_ENTRIES) { if (state.checked.length > MAX_CHECKED_ENTRIES) {
const sessionKeys = state.checked.filter(k => k.startsWith('__')); const sessionKeys = state.checked.filter(k => k.startsWith('__'));
const fileKeys = state.checked.filter(k => !k.startsWith('__')); const fileKeys = state.checked.filter(k => !k.startsWith('__'));
state.checked = [...sessionKeys, ...fileKeys.slice(-(MAX_CHECKED_ENTRIES - sessionKeys.length))]; // Cap session keys at 50 to prevent unbounded growth
const cappedSession = sessionKeys.length > 50 ? sessionKeys.slice(-50) : sessionKeys;
const remaining = MAX_CHECKED_ENTRIES - cappedSession.length;
state.checked = [...cappedSession, ...fileKeys.slice(-Math.max(remaining, 0))];
} }
fs.mkdirSync(STATE_DIR, { recursive: true }); fs.mkdirSync(STATE_DIR, { recursive: true });
// Atomic write: temp file + rename prevents partial reads // Atomic write: temp file + rename prevents partial reads
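Review bot: `fileKeys.slice(-Math.max(remaining, 0))` keeps every file key when `remaining` is 0, because `-0` is treated as `0` and `slice(0)` returns the whole array, so `state.checked` would stay above the cap instead of being trimmed. That is only reachable if `MAX_CHECKED_ENTRIES` is 50 or less, and its value is not visible in this hunk, but the `Math.max` guard reads as though it covered that case. I would write the last line as `state.checked = [...cappedSession, ...(remaining > 0 ? fileKeys.slice(-remaining) : [])];` and give the literal 50 a named constant next to `MAX_CHECKED_ENTRIES`, so the relationship between the two limits is explicit. saveState's body continues outside the hunk.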


@@ -1,6 +1,6 @@
--- ---
name: gateguard name: gateguard
description: Fact-forcing gate that blocks Edit/Write/Bash and demands concrete investigation (importers, data schemas, user instruction) before allowing the action. Measurably improves output quality by +2.25 points vs ungated agents. description: Fact-forcing gate that blocks Edit/MultiEdit/Write/Bash and demands concrete investigation (importers, data schemas, user instruction) before allowing the action. Measurably improves output quality by +2.25 points vs ungated agents.
origin: community origin: community
--- ---
@@ -52,8 +52,8 @@ Before editing {file_path}, present these facts:
1. List ALL files that import/require this file (use Grep) 1. List ALL files that import/require this file (use Grep)
2. List the public functions/classes affected by this change 2. List the public functions/classes affected by this change
3. If this file reads/writes data files, cat one real record 3. If this file reads/writes data files, show field names, structure,
and show actual field names, structure, and date format and date format (use redacted or synthetic values, not raw production data)
4. Quote the user's current instruction verbatim 4. Quote the user's current instruction verbatim
``` ```