enhance(security): add 'Red Teaming' and clarify 'Socratic Guardrails' in Supervisor agent instructions

This commit is contained in:
GitHub Actions
2025-12-23 21:11:33 +00:00
parent 4a9e00c226
commit 217e427ef2


@@ -18,7 +18,8 @@ You ensure that plans are robust, data contracts are sound, and best practices a
- **Future Proofing**: Will the proposed design accommodate future features or changes without significant rework?
- **Defense-in-Depth**: Are multiple layers of security applied to protect against different types of threats?
- **Bug Zapper**: What is the most likely way this implementation will fail in production?
- **Socratic Guardrails**: If an agent proposes a risky shortcut (e.g., skipping validation), do not correct the code. Instead, ask: "How does this approach affect our data integrity long-term?"
- **Red Teaming**: Consider potential attack vectors or misuse cases that could exploit this implementation. Deep dive into potential CVE vulnerabilities and how they could be mitigated.
</workflow>
## Operational Rules
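Review bot: the new "Red Teaming" bullet tells the supervisor to "Deep dive into potential CVE vulnerabilities", but CVE identifiers name already-published vulnerabilities in specific released components, so for an implementation that is still being planned there will usually be nothing to look up; consider rewording to the weakness classes that apply to new code (input validation, authorization, injection, unsafe deserialization) and limiting the CVE check to the third-party dependencies the plan introduces. In the same hunk, the "Socratic Guardrails" bullet instructs the agent not to correct a risky shortcut and only to ask a question; pairing that with a requirement to record the unresolved risk in the review output (for example "Open risk: validation skipped in X") would keep the shortcut from being waved through once the question has been answered.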