epimetheus: sanitize learnings before prompt injection (Ganymede review)
Learnings file content now passes through sanitize_message() before injection into the Opus prompt. Prevents prompt injection via crafted "corrections." Rio UUID 5551F5AF confirmed as current Teleo v4 Rio. Pentagon-Agent: Epimetheus <3D35839A-7722-4740-B93D-51157F7D5E70>
This commit is contained in:
parent
1b4c6f8d72
commit
e921eda0a0
1 changed files with 3 additions and 2 deletions
@ -202,9 +202,10 @@ def _git_commit_archive(archive_path, filename: str):
def _load_learnings() -> str:
def _load_learnings() -> str:
"""Load Rio's learnings file for prompt injection."""
"""Load Rio's learnings file for prompt injection. Sanitized (Ganymede: prompt injection risk)."""
try:
try:
return Path(LEARNINGS_FILE).read_text()[:3000] # Cap at 3K chars for prompt budget
raw = Path(LEARNINGS_FILE).read_text()[:3000]
return sanitize_message(raw) # Same sanitization as user messages
except Exception:
except Exception:
return ""
return ""
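Review bot: the bare `except Exception: return ""` now also wraps `sanitize_message(raw)`, so a failure inside the sanitizer is indistinguishable from a missing learnings file: the prompt silently goes out with no learnings and nothing is logged. Catching `OSError` for the read and logging before returning `""` keeps the fail-closed behaviour but makes it visible. Second, the `[:3000]` cap is applied to `raw` before sanitization, so the removed "Cap at 3K chars for prompt budget" guarantee no longer describes the returned value if `sanitize_message` expands or escapes content; cap (or re-cap) after sanitizing. Third, the commit message says this "Prevents prompt injection", but the hunk only shows the file contents being run through the same sanitizer as user messages and then returned for inclusion in the prompt; that narrows the surface, it does not make file-sourced text trusted, so the docstring and commit message should say "reduces" rather than "prevents", and the prompt should still frame this block as untrusted data.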