zsp/everything-claude-code
1
0
Fork 0
mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-05-01 06:23:28 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
b6a7f8ab0c4486a291fc6e9cbe727f1f439869b4
everything-claude-code/tests/ci/agent-instruction-safety.test.js
Affaan Mustafa c9962bf83e fix: harden agent instruction surfaces
2026-04-30 09:39:54 -04:00

99 lines
2.5 KiB
JavaScript
Raw Blame History

#!/usr/bin/env node
/**
* Validate safety guardrails on agent-facing instruction artifacts.
*/
const assert = require('assert');
const fs = require('fs');
const path = require('path');
const repoRoot = path.resolve(__dirname, '..', '..');
const guardrails = [
{
path: '.codex/AGENTS.md',
heading: '## External Action Boundaries',
requiredPatterns: [
/read-only by default/i,
/explicit user approval/i,
/posting, publishing, pushing, merging/i,
],
},
{
path: '.kiro/skills/search-first/SKILL.md',
heading: '## Scope and Approval Rules',
requiredPatterns: [
/Default to read-only research/i,
/Do not install packages/i,
/approval checkpoint/i,
],
},
{
path: 'skills/autonomous-agent-harness/SKILL.md',
heading: '## Consent and Safety Boundaries',
requiredPatterns: [
/explicitly requested and scoped/i,
/Do not create schedules/i,
/Prefer dry-run plans/i,
],
},
{
path: 'skills/defi-amm-security/SKILL.md',
heading: '## Execution Safety',
requiredPatterns: [
/local audit examples/i,
/trusted checkout or disposable sandbox/i,
/private keys, seed phrases/i,
],
},
{
path: '.agents/skills/frontend-patterns/SKILL.md',
heading: '## Privacy and Data Boundaries',
requiredPatterns: [
/synthetic or domain-generic data/i,
/Do not collect, log, persist, or display/i,
/analytics, tracking pixels/i,
],
},
];
function test(name, fn) {
try {
fn();
console.log(`${name}`);
return true;
} catch (error) {
console.log(`${name}`);
console.log(` Error: ${error.message}`);
return false;
}
}
function read(relativePath) {
return fs.readFileSync(path.join(repoRoot, relativePath), 'utf8');
}
function run() {
console.log('\n=== Testing agent instruction safety guardrails ===\n');
let passed = 0;
let failed = 0;
if (test('flagged instruction artifacts keep scoped safety sections', () => {
for (const guardrail of guardrails) {
const source = read(guardrail.path);
assert.ok(source.includes(guardrail.heading), `${guardrail.path} missing ${guardrail.heading}`);
for (const pattern of guardrail.requiredPatterns) {
assert.ok(pattern.test(source), `${guardrail.path} missing ${pattern}`);
}
}
})) passed++; else failed++;
console.log(`\nPassed: ${passed}`);
console.log(`Failed: ${failed}`);
process.exit(failed > 0 ? 1 : 0);
}
run();
Reference in New Issue View Git Blame Copy Permalink