hai/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-05-21 20:28:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: address Codex review — sanitize search, privacy gate, ETHOS.md sidecar

Browse Source 
Three fixes from adversarial Codex review:
- /investigate: sanitize error messages before searching (strip hostnames,
  IPs, file paths, SQL, customer data). Skip search if unsanitizable.
- /office-hours: add privacy gate before landscape search. Use generalized
  category terms, never the user's specific product name or stealth idea.
- setup: link ETHOS.md into .agents/skills/gstack/ sidecar so workspace-
  local Codex sessions can find the builder philosophy.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Garry Tan
2026-03-21 11:34:25 -07:00
parent 8e4e0cbb72
commit 57e3e8a453
7 changed files with 32 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
office-hours/SKILL.md
View File

@@ -483,6 +483,12 @@ Read ETHOS.md for the full Search Before Building framework (three layers, eurek
After understanding the problem through questioning, search for what the world thinks. This is NOT competitive research (that's /design-consultation's job). This is understanding conventional wisdom so you can evaluate where it's wrong.
**Privacy gate:** Before searching, use AskUserQuestion: "I'd like to search for what the world thinks about this space to inform our discussion. This sends generalized category terms (not your specific idea) to a search provider. OK to proceed?"
Options: A) Yes, search away B) Skip — keep this session private
If B: skip this phase entirely and proceed to Phase 3. Use only in-distribution knowledge.
When searching, use **generalized category terms** — never the user's specific product name, proprietary concept, or stealth idea. For example, search "task management app landscape" not "SuperTodo AI-powered task killer."
If WebSearch is unavailable, skip this phase and note: "Search unavailable — proceeding with in-distribution knowledge only."
**Startup mode:** WebSearch for:

6
office-hours/SKILL.md.tmpl
View File

@@ -242,6 +242,12 @@ Read ETHOS.md for the full Search Before Building framework (three layers, eurek
After understanding the problem through questioning, search for what the world thinks. This is NOT competitive research (that's /design-consultation's job). This is understanding conventional wisdom so you can evaluate where it's wrong.
**Privacy gate:** Before searching, use AskUserQuestion: "I'd like to search for what the world thinks about this space to inform our discussion. This sends generalized category terms (not your specific idea) to a search provider. OK to proceed?"
Options: A) Yes, search away B) Skip — keep this session private
If B: skip this phase entirely and proceed to Phase 3. Use only in-distribution knowledge.
When searching, use **generalized category terms** — never the user's specific product name, proprietary concept, or stealth idea. For example, search "task management app landscape" not "SuperTodo AI-powered task killer."
If WebSearch is unavailable, skip this phase and note: "Search unavailable — proceeding with in-distribution knowledge only."
**Startup mode:** WebSearch for: