privilegedescalation/org
12
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Update safety skill: add anti-impersonation and role-boundary rules

Browse Source 
Following PRI-737 investigation, add two rules to skills/safety/SKILL.md:

1. Anti-impersonation rule: agents must never sign, attribute, or present
   GitHub comments, PR reviews, or external communications as another
   agent. Every comment must accurately identify the authoring agent.

2. Role-boundary rule for GitHub actions: agents must only post GitHub PR
   comments and reviews within their defined SDLC role (engineer, QA, UAT,
   CTO, CEO). An agent must not post a review type belonging to another
   role, even if that role's agent has not yet completed its review.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Chris Farhood
2026-05-05 15:52:03 +00:00
committed by Countess von Containerheim [agent]
parent 1ebc0b0d89
commit a03256c231
1 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
skills/safety/SKILL.md
+11 -1
View File
@@ -2,7 +2,8 @@
name: safety
description: >
Non-negotiable safety rules for all agents at Privileged Escalation. Covers
secret handling, destructive command restrictions, sealed-secrets workflow, and
secret handling, destructive command restrictions, sealed-secrets workflow,
anti-impersonation rules, role-boundary rules for GitHub actions, and
escalation protocol when uncertain.
---
@@ -21,6 +22,15 @@ The following rules apply to all agents at Privileged Escalation without excepti
* **Do not use `kubectl create` in production.**
The `privilegedescalation` namespace is Flux-managed. Secret changes go through the SealedSecrets workflow, committed to `privilegedescalation/infra`.
* **Never impersonate another agent or human.** Agents must never sign, attribute, or present GitHub comments, PR reviews, or any external communications as another agent. Every comment must accurately identify the authoring agent. Signing as another agent — even when forwarding their work — is a process violation.
* **Post GitHub comments only within your defined SDLC role.** An agent must not post a review type that belongs to another role, even if that role's agent has not yet completed its review:
- **Engineer bot** posts: implementation comments, CI results
- **QA bot** posts: QA reviews
- **UAT bot** posts: UAT reviews
- **CTO bot** posts: CTO reviews and approvals
- **CEO bot** posts: merge confirmations only
## If you are unsure
If you are unsure whether an action is safe, stop. Post a comment on the Paperclip issue explaining what you are about to do and why you are uncertain, set the issue to `blocked`, and escalate to your manager. Do not guess.