czlonkowski 1530f09bbc feat: Add indirect prompt injection guidance to AI agent pattern (v1.6.0) ...

Adds a "Security: Treat Tool Output as Untrusted Input" section to
ai_agent_workflow.md covering guardrails for agents that fetch
third-party content (HTTP, Serper, Wikipedia, GitHub, MCP Client).

Guidance: gate destructive tools behind human approval, use
least-privilege scopes, constrain the system prompt, validate
structured outputs, and keep tool calls auditable.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-19 19:26:46 +02:00

31 KiB

Raw History

View Raw