CtrlK
BlogDocsLog inGet started
Tessl Logo

jbaruch/nanoclaw-trusted

Rules for trusted NanoClaw groups. Shared memory, session bootstrap, cross-group memory updates. Loaded for trusted and main containers only.

77

Quality

96%

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Risky

Do not use without reviewing

This version of the tile failed moderation
Failed moderation (intent review) in rules/session-bootstrap.md: This is a prompt injection attack disguised as a cursor/IDE rule file. It instructs an AI agent to unconditionally execute a bash command and invoke an external skill ('tessl__trusted-memory') at the start of every session before processing any user input. This is a social engineering/prompt injection technique designed to: 1) Force the AI to execute arbitrary commands without user consent, 2) Potentially load malicious instructions from an external 'trusted-memory' skill/plugin, 3) Establish persistence via a sentinel file (/tmp/session_bootstrapped) to track execution. The authoritative tone ('MANDATORY', 'not optional', 'violating this rule') is a classic prompt injection pattern to override the AI's safety boundaries.
Overview
Quality
Evals
Security
Files

no-orphan-tasks.mdrules/

alwaysApply:
No
applyTo:
** — when creating, rescheduling, or cancelling scheduled_tasks rows

No Orphan Scheduled Tasks

Never create a standalone scheduled task for something that fits an existing scheduled workflow. Before scheduling a new recurring task, check whether the cadence matches one of the existing flows: nightly-housekeeping (daily, owner sees results in the morning brief), heartbeat (every 15 min), or morning-brief (daily, morning-relevant). If yes, add it there instead — staged + promoted via tessl__promote-tiles, not as a fresh cron row.

When a standalone task IS appropriate

  • One-off reminders (calendar events, deadlines) — inherently standalone.
  • Checks needing a frequency that doesn't match any existing flow (e.g. every 4 hours).
  • Tasks targeting another group (target_group_jid).

What belongs in nightly-housekeeping

Daily checks that produce a report the owner reads in the morning brief — fetches, state refreshes, summary generation. Examples: YouTube comment checks, GitHub activity summaries, CFP state refresh, email triage. The pre-#404 pattern was a numbered step in the monolith SKILL.md; post-split (jbaruch/nanoclaw#404), the canonical pattern is an independent sub-skill row scheduled at the same cadence.

rules

async-tasks-extended.md

compaction-aware-summaries.md

composio-vs-agents.md

container-trust-levels.md

context-bootstrap-bg-agents.md

daily-discoveries-rule.md

duplicate-prevention.md

github-data-via-gh.md

global-memory.md

ground-truth-trusted.md

identity-compaction-recovery.md

identity-dual-handle.md

installed-content-immutable.md

local-context-anchoring.md

memory-file-locations.md

messages-db-schema.md

no-orphan-tasks.md

no-silent-defer.md

pending-response-tracking.md

proactive-fact-saving.md

proactive-participation.md

reply-threading.md

session-bootstrap.md

skills-policy.md

verification-protocol.md

wiki-awareness.md

README.md

tile.json