Skip to content

fix(skills): suppress false-positive injection WARN for bundled skills#2273

Merged
bug-ops merged 1 commit intomainfrom
2272-bundled-skill-scan-warn
Mar 27, 2026
Merged

fix(skills): suppress false-positive injection WARN for bundled skills#2273
bug-ops merged 1 commit intomainfrom
2272-bundled-skill-scan-warn

Conversation

@bug-ops
Copy link
Copy Markdown
Owner

@bug-ops bug-ops commented Mar 27, 2026

Fixes #2272.

Summary

  • scan_loaded() in SkillRegistry now checks for a .bundled marker file in the skill directory before emitting a WARN
  • Bundled skills with pattern matches are logged at DEBUG and excluded from the returned findings list
  • User-installed skills (no .bundled marker) continue to produce WARN as before
  • Added two new unit tests: one verifying bundled skills with injection text are not flagged, one confirming non-bundled skills still are

Test plan

  • cargo nextest run -p zeph-skills --lib — 260 tests pass (includes 2 new tests)
  • cargo nextest run --workspace --features full --lib --bins — 6818 tests pass
  • cargo clippy --profile ci --workspace --features full -- -D warnings — clean
  • cargo +nightly fmt --check — clean

@github-actions github-actions bot added documentation Improvements or additions to documentation skills zeph-skills crate rust Rust code changes bug Something isn't working size/M Medium PR (51-200 lines) labels Mar 27, 2026
@bug-ops
fix(skills): suppress false-positive injection WARN for bundled skills (
7277afa 
#2272)

Bundled skills are vetted at build time and may contain security-awareness
text that mentions injection patterns (e.g. browser/SKILL.md warns about
"ignore previous instructions"). The content scanner was flagging these as
potential injection attempts on every startup, causing alert fatigue and
masking real findings.

Now scan_loaded() checks for the .bundled marker file in the skill directory.
If present, pattern matches are logged at DEBUG instead of WARN and excluded
from the returned findings list. User-installed skills (no .bundled marker)
continue to produce WARN as before.
@bug-ops bug-ops force-pushed the 2272-bundled-skill-scan-warn branch from fd3d5da to 7277afa Compare March 27, 2026 13:30
@bug-ops bug-ops enabled auto-merge (squash) March 27, 2026 13:31
@bug-ops bug-ops merged commit 988a205 into main Mar 27, 2026
25 checks passed
@bug-ops bug-ops deleted the 2272-bundled-skill-scan-warn branch March 27, 2026 13:39
This was referenced Mar 27, 2026
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bug Something isn't working documentation Improvements or additions to documentation rust Rust code changes size/M Medium PR (51-200 lines) skills zeph-skills crate

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

fix(skills): bundled skill content scanner generates false-positive WARN for security-awareness text in SKILL.md

1 participant

@bug-ops