Summary
`attribution-guard` regex `[^a-z]gpt[^a-z]?` and `\bllm\b` have false-negative edges (`gpt-4` passes if preceded by a letter; `llm` inside a word slips). The exclusion list is path-anchored to exact filenames; a rename silently re-enables matches.
Scope
- Tighten token list to catch common bypass patterns.
- Move exclusions from path-anchors to a content-based annotation (e.g., a `// attribution-guard: allow tokens` directive in the file header).
Acceptance criteria
- Renaming an allowlisted file no longer re-enables false positives.
- Existing allowlisted files carry the in-file directive.
- Guard still catches a deliberate "Claude" insertion.
Source: security-reviewer.
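
A sketch of the proposed behaviour, added here as an illustration and not taken from the project's guard: it runs the two patterns quoted in the summary against constructed bypass lines, then applies a tightened list and a content-based exemption. The `NEW` patterns, the `HEADER_LINES` limit, the function names and all sample text are assumptions.

```python
import re

# Patterns quoted in the issue, applied as written (no flags are stated there).
OLD = [re.compile(r"[^a-z]gpt[^a-z]?"), re.compile(r"\bllm\b")]

# Assumed tightening, not the project's actual token list.
NEW = [
    re.compile(r"(?<![a-z])gpt(?![a-z])", re.I),     # also matches at start of line
    re.compile(r"gpt[-_ ]?\d", re.I),                # version suffix, any prefix
    re.compile(r"(?<![a-z])llm(?![a-z])", re.I),     # "_" and digits act as boundaries
    re.compile(r"(?<![a-z])claude(?![a-z])", re.I),
]

DIRECTIVE = re.compile(r"^\s*//\s*attribution-guard:\s*allow tokens\s*$")
HEADER_LINES = 5  # assumption: the directive must appear in the first few lines

# Constructed sample inputs.
BYPASS = "model = 'xgpt-4'\nmy_llm_client = connect()\ngpt at line start\n"
ALLOWED = "// attribution-guard: allow tokens\nconst PROVIDERS = ['gpt-4', 'llm'];\n"


def has_directive(text):
    """True when the in-file allow directive is present in the file header."""
    return any(DIRECTIVE.match(l) for l in text.splitlines()[:HEADER_LINES])


def hits(text, patterns):
    """Return (line_number, line) for every line matching any pattern."""
    return [(n, line.strip()) for n, line in enumerate(text.splitlines(), 1)
            if any(p.search(line) for p in patterns)]


def scan(path, text, patterns=NEW):
    """Guard entry point: path is used for reporting only, so a rename
    cannot change whether a file is exempt."""
    if has_directive(text):
        return []
    return [(path, n, line) for n, line in hits(text, patterns)]


if __name__ == "__main__":
    print("old patterns:", hits(BYPASS, OLD))        # all three lines slip through
    print("new patterns:", hits(BYPASS, NEW))
    print("renamed allowlisted file:", scan("docs/renamed.js", ALLOWED))
    print("unannotated file:", scan("src/a.js", "// Co-authored with Claude\n"))
```

The lookarounds exclude only ASCII letters on either side, so `fullmoon` does not match the `llm` token while `my_llm_client` does.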