From 1c22d06566aa75d1c18bfb819a4a3df0ebc8ddd9 Mon Sep 17 00:00:00 2001 From: ReachableCEO Date: Wed, 17 Sep 2025 11:27:13 -0500 Subject: [PATCH] governance: add Quiet Shell/No Streaming policy; update AGENTS templates; add audit advisory for noisy commands; log in DevLog --- docs/devlog/DEVLOG_LLM.md | 8 ++++++++ meta/AGENTS.seed.llm.md | 1 + meta/AGENTS.seed.md | 1 + prompts/global/system.llm.md | 4 ++++ prompts/global/system.md | 5 +++++ scripts/audit.sh | 7 +++++++ templates/project/_shared/AGENTS.md | 1 + 7 files changed, 27 insertions(+) diff --git a/docs/devlog/DEVLOG_LLM.md b/docs/devlog/DEVLOG_LLM.md index dd47922..4c8b170 100644 --- a/docs/devlog/DEVLOG_LLM.md +++ b/docs/devlog/DEVLOG_LLM.md @@ -230,3 +230,11 @@ This log is concise and structured for quick machine parsing and summarization. - Enhanced audit script to check sequencing gates and warn when pending - next: - Await “Approved for Plan” on 02-branching proposal before executing the plan + +## 2025-09-17T17:34Z +- context: Silence chat streaming of file contents/diffs +- actions: + - Strengthened system prompts and templates with “Quiet Shell/No Streaming” rules + - Added audit advisory to flag usage of `cat`/`sed -n` in scripts +- next: + - Avoid printing file contents via shell; log details to DevLog when needed diff --git a/meta/AGENTS.seed.llm.md b/meta/AGENTS.seed.llm.md index 939e289..773a8b6 100644 --- a/meta/AGENTS.seed.llm.md +++ b/meta/AGENTS.seed.llm.md 
@@ -4,6 +4,7 @@ - Gates: human `.md` must include exact phrases — Questions: "Approved for Proposal"; Proposal: "Approved for Plan"; Plan: "Approved to Implement". - Read `.llm.md` only; write both `.md` and `.llm.md` siblings for collab artifacts. - Chat ≤5 lines; default “Updated …”; no diffs; announce only collab file changes; log details in `docs/devlog/`. + - Quiet shell: avoid `cat`/`sed` outputs; use silent checks; log details to DevLog files. - Keep changes minimal and focused; adopt TDD (tests first); require unit/integration tests for all features; consistent style. - Git: Conventional Commits; branch `main`; optional tags `YYYY-MM-DD-HHMM`. - Tools: file-first; use `rg`; read ≤250 lines; respect sandbox/approvals; preface grouped commands. diff --git a/meta/AGENTS.seed.md b/meta/AGENTS.seed.md index 60b40e3..28f4918 100644 --- a/meta/AGENTS.seed.md +++ b/meta/AGENTS.seed.md @@ -38,6 +38,7 @@ Note: This is a template copied into generated projects. Customize as needed for - Default message: `Updated . Read/edit and let me know.` - Keep chat ≤5 lines; no diffs or large pastes. - Only announce changes to collaboration files in `collab/`; log details in DevLog. + - Quiet shell: avoid streaming file contents/diffs; prefer silent checks and log details to DevLog. ## Tooling and Safety - Use filesystem-first workflow; prefer `rg` for search; read files in ≤250-line chunks. diff --git a/prompts/global/system.llm.md b/prompts/global/system.llm.md index ebc8a49..cba45e3 100644 --- a/prompts/global/system.llm.md +++ b/prompts/global/system.llm.md @@ -48,3 +48,7 @@ -- Audits -- - Run regular audits and prompt user before release tags. Record results in `docs/audits/`; summarize in DevLog. + +-- Quiet Shell/No Streaming -- +- Never stream file contents/diffs in chat. Avoid `cat`/`sed` outputs. +- Use silent checks (exit codes, `grep -q`); log details in DevLog files. diff --git a/prompts/global/system.md b/prompts/global/system.md index 4e10ebc..5355ecb 100644 
--- a/prompts/global/system.md +++ b/prompts/global/system.md @@ -31,6 +31,11 @@ You are a coding agent running in the Codex CLI (terminal-based). Be precise, sa - Only announce changes to `collab/questions/`, `collab/proposals/`, and `collab/plan/`. Log all other details in `docs/devlog/`. - Provide brief preambles before grouped tool calls. +## Quiet Shell and No Streaming +- Do not stream file contents or diffs into chat. Avoid `cat`/`sed` output in chat. +- Prefer silent checks (e.g., `grep -q`, exit codes) and write details to DevLog files if needed. +- If content must be inspected, avoid printing it to chat; summarize findings in DevLog and reference the file. + ## Dev Logs and Docs - Maintain `docs/devlog/DEVLOG_LLM.md` and `docs/devlog/DEVLOG_HUMAN.md`. Add an entry for each meaningful change. - Keep `README.md` up to date for quickstart and usage. diff --git a/scripts/audit.sh b/scripts/audit.sh index d57ac19..2acaaff 100644 --- a/scripts/audit.sh +++ b/scripts/audit.sh @@ -38,6 +38,13 @@ check "Gitea workflow exists" test -f .gitea/workflows/ci.yml # Docker compose for local parity check "docker/compose.yml exists" test -f docker/compose.yml +# Quiet shell policy (advisory): ensure no scripted chat streaming helpers exist +if command -v rg >/dev/null 2>&1; then + if rg -n "\b(cat|sed\s+-n)\b" scripts 2>/dev/null | grep -v audit.sh >/dev/null 2>&1; then + echo "[warn] scripts contain cat/sed -n; ensure these are not used to stream contents into chat" >&2 + fi +fi + # Sequencing gates: for each plan, ensure corresponding proposal approved; for each proposal, ensure questions approved status_warn=0 for plan in collab/plan/*.md; do diff --git a/templates/project/_shared/AGENTS.md b/templates/project/_shared/AGENTS.md index 7395f52..661666b 100644 --- a/templates/project/_shared/AGENTS.md +++ b/templates/project/_shared/AGENTS.md 
@@ -19,6 +19,7 @@ This file is copied by scaffolding into new projects. Edit to suit the project w ## Chat Output Policy - Default: `Updated . Read/edit and let me know.` - Keep chat ≤5 lines; no diffs; announce only collab file changes; log details in DevLog. + - Quiet shell: avoid printing file contents/diffs; prefer silent checks and DevLog summaries. ## Coding, Tests, and Git - Minimal, focused changes; adopt TDD (write tests first) and require unit/integration tests for all features; consistent style.
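
Review bot: The `## 2025-09-17T17:34Z` heading in the docs/devlog/DEVLOG_LLM.md hunk is about an hour later than the patch's own Date header (11:27:13 -0500, which is 16:27Z), so the entry is dated after the commit that adds it. The context line above it says this log is structured for machine parsing, so confirm the timestamp or take it from the commit time.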
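
Review bot: The "Quiet Shell/No Streaming" block in the prompts/global/system.llm.md hunk has two rules where the prompts/global/system.md hunk has three; the "If content must be inspected, avoid printing it to chat; ..." rule is missing from the `.llm.md` sibling. The AGENTS.seed.llm.md context says "Read `.llm.md` only", so the rule an agent actually reads should carry that case too. "Avoid `cat`/`sed` outputs" is also wider than what the audit pattern flags (`cat` and `sed -n`); pick one scope and use it in both places.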
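
Review bot: The new "Quiet Shell and No Streaming" section in the prompts/global/system.md hunk sends inspected details to DevLog ("write details to DevLog files if needed", "summarize findings in DevLog and reference the file") without saying what must not be written there. `docs/devlog/` is tracked in this repository, so content kept out of chat would land in git history instead. Add a bullet stating that DevLog entries hold a summary and the file path only, never raw file contents, secrets or credentials.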
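
Review bot: In the scripts/audit.sh hunk, the advisory is skipped with no message when `rg` is not installed, so a clean audit run does not show whether the quiet-shell check ran at all; add an `else` branch that prints something like `[warn] rg not found; quiet-shell check skipped` to stderr. The `grep -v audit.sh` filter works on line content rather than file path, so it also drops matches in other scripts whose line mentions audit.sh; excluding by path with `rg --glob '!audit.sh'` is tighter, and `rg -q` would replace the `>/dev/null` pipeline with the exit-code check the policy itself recommends. The pattern `\b(cat|sed\s+-n)\b` also matches comments and `cat <<EOF` heredocs, so the warning will fire on scripts that stream nothing; say so in the message or narrow the pattern.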