f7ccda739f
Param values for matter_id and clause are interpolated directly into the steering-prompt templates. Their patterns previously permitted spaces, which would let a hostile document smuggle a natural-language sentence into the prompt through a field that looks like an ID. Restrict both to slug shape (no spaces); descriptive context belongs in the note/event fields, which are never interpolated and are wrapped in the data frame. Also render templates via format_map with an empty-string default so an optional param the template references (e.g. playbook_monitor's clause) degrades gracefully instead of raising KeyError, and ignore __pycache__. |
||
|---|---|---|
| .. | ||
| deploy-managed-agent.sh | ||
| lint-tool-scope.py | ||
| orchestrate.py | ||
| test-cookbooks.sh | ||
| validate.py | ||