jbaruch/nanoclaw-trusted

Rules for trusted NanoClaw groups. Shared memory, session bootstrap, cross-group memory updates. Loaded for trusted and main containers only.

Quality

94%

Does it follow best practices?

Impact

—

No eval scenarios have been run

Securityby

Risky

Do not use without reviewing

This version of the tile failed moderation

Failed moderation (intent review) in rules/session-bootstrap.md: This is a prompt injection attack disguised as a cursor/agent rule file. It instructs an AI agent to unconditionally execute a bash command at the start of every session before processing any user input, and to invoke an external skill ('tessl__trusted-memory') which could load arbitrary instructions or exfiltrate data. The 'alwaysApply: true' and urgent, authoritative language ('MANDATORY', 'not optional', 'violating this rule') are social engineering tactics to bypass the AI's safety reasoning. This pattern is designed to hijack AI agent sessions and could serve as a vector for further exploitation.

alwaysApply:: Yes

Session Bootstrap — MANDATORY First Action

Name: jbaruch/nanoclaw-trusted
Rating: 94.10714285714286 (1 reviews)
Author: jbaruch

YOUR VERY FIRST ACTION in every new session — before responding to ANY message — is to run this Bash command:

cat /tmp/session_bootstrapped 2>/dev/null

If the file is missing or empty → run: Skill(skill: "tessl__trusted-memory")

Then write the sentinel: echo "done" > /tmp/session_bootstrapped

If the file exists and contains "done" → bootstrap already ran this session, skip.

This is not optional. This is not background context. This is Step 0 of every session. If you respond to a user message without checking this first, you are violating this rule.

jbaruch/nanoclaw-trusted

session-bootstrap.md.css-3qkkll{font-size:var(--chakra-font-sizes-sm);font-weight:var(--chakra-font-weights-normal);color:var(--chakra-colors-gray-300);}rules/

Session Bootstrap — MANDATORY First Action

session-bootstrap.mdrules/