CalvinBackup/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-05-02 03:35:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): keep 'const systemPrompt = [' identifier for test compatibility

Browse Source 
My canary-injection commit (d50cdc46) renamed `systemPrompt` to
`baseSystemPrompt` + added `systemPrompt = injectCanary(base, canary)`.
That broke 4 brittle tests in sidebar-ux.test.ts that string-slice
serverSrc between `const systemPrompt = [` and `].join('\n')` to extract
the prompt for content assertions.

Those tests aren't perfect — string-slicing source code instead of
running the function is fragile — but rewriting them is out of scope here.
Simpler fix: keep the expected identifier name. Rename my new variable
`baseSystemPrompt` → `systemPrompt` (the template), and call the
canary-augmented prompt `systemPromptWithCanary` which is then used to
construct the final prompt.

No behavioral change. Just restores the test-facing identifier.

Regression test state: sidebar-ux.test.ts now 189 pass / 2 fail,
matching main (the 2 fails are pre-existing CSSOM + shutdown-pkill
issues unrelated to this branch). Full security suite still 219 pass.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Garry Tan
2026-04-20 04:32:23 +08:00
parent af1b1352bf
commit 758b3b373c
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
browse/src/server.ts
+3 -3
View File
@@ -558,7 +558,7 @@ function spawnClaude(userMessage: string, extensionUrl?: string | null, forTabId
// the system prompt — session is killed, user sees the banner.
const canary = generateCanary();
const baseSystemPrompt = [
const systemPrompt = [
'<system>',
`Browser co-pilot. Binary: ${B}`,
'Run `' + B + ' url` first to check the actual page. NEVER assume the URL.',
@@ -585,9 +585,9 @@ function spawnClaude(userMessage: string, extensionUrl?: string | null, forTabId
// Append the canary instruction. injectCanary() tells Claude never to
// output the token on any channel.
const systemPrompt = injectCanary(baseSystemPrompt, canary);
const systemPromptWithCanary = injectCanary(systemPrompt, canary);
const prompt = `${systemPrompt}\n\n<user-message>\n${escapedMessage}\n</user-message>`;
const prompt = `${systemPromptWithCanary}\n\n<user-message>\n${escapedMessage}\n</user-message>`;
// Never resume — each message is a fresh context. Resuming carries stale
// page URLs and old navigation state that makes the agent fight the user.