From 74056a0a1f105d70c606e356bb46569c73016589 Mon Sep 17 00:00:00 2001
From: Alexey <1556417+alex-solovyev@users.noreply.github.com>
Date: Sat, 14 Mar 2026 08:18:23 +0100
Subject: [PATCH] fix(t3219): address CodeRabbit review feedback on prompt-guard patterns
- Move _PG_YAML_PATTERNS_LOADED flag assignment to after successful parse+cache in _pg_load_yaml_patterns(); previously set after file discovery but before parsing, so a parse failure would permanently disable YAML loading on subsequent calls (transient failures treated as permanent)
- Replace byte-level \xNN hex escapes in zero-width character YAML pattern with literal Unicode chars (U+200B ZWSP, U+200C ZWNJ, U+200D ZWJ, U+FEFF BOM) for portability across rg/grep/ggrep; byte-level escapes match individual bytes, not multi-byte UTF-8 codepoints
Closes #3219
---
 .agents/configs/prompt-injection-patterns.yaml | 5 ++++-
 .agents/scripts/prompt-guard-helper.sh | 8 +++-----
 2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/.agents/configs/prompt-injection-patterns.yaml b/.agents/configs/prompt-injection-patterns.yaml
index 089db59ad..c1a20728b 100644
--- a/.agents/configs/prompt-injection-patterns.yaml
+++ b/.agents/configs/prompt-injection-patterns.yaml
@@ -516,7 +516,10 @@ context_manipulation:
 - severity: LOW
 description: "Zero-width characters"
- pattern: '[\xE2\x80\x8B\xE2\x80\x8C\xE2\x80\x8D\xEF\xBB\xBF]'
+ # Literal Unicode chars (U+200B ZWSP, U+200C ZWNJ, U+200D ZWJ, U+FEFF BOM)
+ # for portability across rg/grep/ggrep — byte-level \xNN escapes match
+ # individual bytes, not multi-byte UTF-8 codepoints.
+ pattern: '[​‌‍]'
 # --- Lasso net-new: False authority claims ---
 - severity: HIGH
diff --git a/.agents/scripts/prompt-guard-helper.sh b/.agents/scripts/prompt-guard-helper.sh
index 107e7c6ff..802c26518 100755
--- a/.agents/scripts/prompt-guard-helper.sh
+++ b/.agents/scripts/prompt-guard-helper.sh
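Review bot: The new `pattern: '[…]'` value relies on four invisible codepoints surviving every editor, formatter and copy/paste, and nothing in this hunk guards against them being stripped; a stripped class becomes `[]`, which either fails to compile or silently stops detecting zero-width characters. The bracket expression is also locale-sensitive in grep: under a non-UTF-8 locale such as `LC_ALL=C` it is presumably evaluated byte by byte, the same problem the commit message attributes to the `\xNN` form, so the helper should run its matcher under a UTF-8 locale (whether it does is not visible here). I would extend the comment with `# Invisible literals: after editing, confirm with a hex dump that all four codepoints are still present` and add a regression test that feeds each of the four codepoints through the scanner.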
@@ -168,10 +168,6 @@ _pg_load_yaml_patterns() {
 return 1
 }
- # Only mark loaded after successful file discovery (prevents transient failures
- # from permanently disabling YAML loading on subsequent calls)
- _PG_YAML_PATTERNS_LOADED="true"
-
 local patterns=""
 local current_category=""
 local severity="" description="" pattern=""
@@ -228,8 +224,10 @@ _pg_load_yaml_patterns() {
 return 1
 fi
- # Cache for subsequent calls
+ # Cache for subsequent calls — mark loaded only after successful parse+cache
+ # so transient parse failures do not permanently disable YAML loading.
 _PG_YAML_PATTERNS_CACHE="$patterns"
+ _PG_YAML_PATTERNS_LOADED="true"
 # Remove trailing newline
 echo "${patterns%$'\n'}"
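Review bot: `_PG_YAML_PATTERNS_CACHE` and `_PG_YAML_PATTERNS_LOADED` are assigned in the second hunk just before the function prints its result with `echo`, so if callers capture that output with `$(_pg_load_yaml_patterns)` both assignments happen in a subshell and never reach the parent shell; the cache would then never take effect and the YAML file is re-parsed on every scan. The call sites and the start and end of `_pg_load_yaml_patterns` are outside the hunk, so this needs confirming. If it holds, call the loader once directly and read the cache variable afterwards, and document it with `# NOTE: globals set here are lost under $(...); call directly, then read _PG_YAML_PATTERNS_CACHE`. Separately, `printf '%s\n' "${patterns%$'\n'}"` is safer than `echo` for regex text that may begin with `-n` or `-e`.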