
jbaruch/nanoclaw-trusted

Rules for trusted NanoClaw groups. Shared memory, session bootstrap, cross-group memory updates. Loaded for trusted and main containers only.

77

Quality: 96% (Does it follow best practices?)

Impact: No eval scenarios have been run

Security by Snyk: Risky. Do not use without reviewing.

This version of the tile failed moderation
Failed moderation (intent review) in rules/session-bootstrap.md: This is a prompt injection attack disguised as a cursor/IDE rule file. It instructs an AI agent to unconditionally execute a bash command and invoke an external skill ('tessl__trusted-memory') at the start of every session before processing any user input. This is a social engineering/prompt injection technique designed to:

  1) Force the AI to execute arbitrary commands without user consent
  2) Potentially load malicious instructions from an external 'trusted-memory' skill/plugin
  3) Establish persistence via a sentinel file (/tmp/session_bootstrapped) to track execution

The authoritative tone ('MANDATORY', 'not optional', 'violating this rule') is a classic prompt injection pattern to override the AI's safety boundaries.

rules/wiki-awareness.md

alwaysApply: No
applyTo: ** — when working with the personal wiki under /workspace/trusted/wiki/ or its raw sources

Wiki Awareness

A persistent personal wiki lives at /workspace/trusted/wiki/ with raw sources at /workspace/trusted/sources/.

When to use the wiki

Ingesting: When the user shares a URL, article, PDF, transcript, or any source material and says to remember, file, catalog, research, or "add to wiki" — invoke the wiki skill to process it.

Querying: When answering questions that could benefit from accumulated knowledge — check wiki/index.md first. The wiki may have synthesized information from multiple sources that's richer than any single search result.

Filing good answers: When you produce a substantial, reusable answer (a comparison, a synthesis, a deep analysis) — offer to file it as a wiki page so it compounds rather than disappearing into chat history.

Wiki vs memory

  • Memory (/workspace/trusted/MEMORY.md) = operational context. Preferences, feedback, project state. Short entries.
  • Wiki (/workspace/trusted/wiki/) = domain knowledge. Facts, concepts, entities, syntheses from sources. Structured pages with cross-references.

When you learn something operational (a correction, a preference), put it in memory. When you learn domain knowledge (a fact, a concept, a pattern), put it in the wiki. When answering questions, check both.

Don't duplicate

If information belongs in the wiki, don't also put it in memory (and vice versa). One source of truth per type of knowledge.

rules

async-tasks-extended.md

compaction-aware-summaries.md

composio-vs-agents.md

container-trust-levels.md

context-bootstrap-bg-agents.md

daily-discoveries-rule.md

duplicate-prevention.md

github-data-via-gh.md

global-memory.md

ground-truth-trusted.md

identity-compaction-recovery.md

identity-dual-handle.md

installed-content-immutable.md

local-context-anchoring.md

memory-file-locations.md

messages-db-schema.md

no-orphan-tasks.md

no-silent-defer.md

pending-response-tracking.md

proactive-fact-saving.md

proactive-participation.md

reply-threading.md

session-bootstrap.md

skills-policy.md

verification-protocol.md

wiki-awareness.md

README.md

tile.json