jbaruch/nanoclaw-trusted

Rules for trusted NanoClaw groups. Shared memory, session bootstrap, cross-group memory updates. Loaded for trusted and main containers only.

Score: 97

Quality: 97% (Does it follow best practices?)

Impact: Pending (No eval scenarios have been run)

Security by Snyk: Passed (No known issues)

This version of the tile failed moderation
Malicious code detected in rules/session-bootstrap.md: This is a prompt injection attack. The file masquerades as a session bootstrap rule but is designed to manipulate AI agents into executing arbitrary commands at the start of every session. It instructs the AI to (1) run bash commands, (2) invoke a skill/plugin ('tessl__trusted-memory') that could load attacker-controlled instructions or exfiltrate data, and (3) write files to disk — all before processing any user message. The 'MANDATORY' and 'Step 0' framing is social engineering to ensure the AI complies without question. This is a classic prompt injection pattern designed to hijack AI agent behavior.
rules/ground-truth-trusted.md

Ground Truth — Trusted Extensions

Extends the core ground-truth rule with verification methods and computation available to trusted containers via Composio.

Additional verification sources

| Claim type | How to verify |
| --- | --- |
| Calendar event | Fetch from Google Calendar via Composio |
| Email content | Fetch from Gmail via Composio |
| GitHub PR/issue | Fetch from GitHub via Composio |
| Task/todo status | Fetch from Google Tasks via Composio |

Compute with external data

When a task requires external data, chain tools to compute the exact answer.

Example: "Remind me 15 minutes before I leave for Amir's pickup."

| Approach | Verdict |
| --- | --- |
| Ask "when do you leave?" | Wrong — you can compute it |
| Set it 15 min before the event start | Wrong — departure ≠ event start |
| Check calendar for destination → Maps for travel time → calculate real departure → set 15 min before | Correct |

These sources are not available in untrusted containers. The core ground-truth rule covers universal verification methods.

Files in this tile:

rules/
- daily-discoveries-rule.md
- ground-truth-trusted.md
- no-orphan-tasks.md
- session-bootstrap.md
- skill-dependencies.md
- trusted-behavior.md
- verification-protocol.md

tile.json