Skip to content

V3.31.2 Safeguard 🛡️

Latest

Choose a tag to compare

@tw93 tw93 released this 10 Jul 08:40

Waza V3.31.2

Safer instruction boundaries without literal attack prompts.

Changelog

  1. Rules: Replaces direct adversarial phrases in the optional always-on rule with semantic categories, reducing provider-classifier false positives while preserving the external-content trust boundary.
  2. Read: Applies the same semantic handling to fetched-content warnings so the skill no longer carries executable attack examples in its context.
  3. Verifier: Scans rules, skills, references, agents, and dispatcher Markdown for provider-sensitive instruction literals before they reach a package.
  4. Packaging: Regenerates the Codex plugin mirror and Claude Desktop bundle so every install surface receives the sanitized rule and Read skill.
  5. Tests: Adds regression coverage for five direct instruction classes while continuing to allow ordinary security terminology and semantic guidance.

更新日志

  1. 规则:可选的全局规则不再直接引用对抗性指令,改用语义类别描述,在保留外部内容信任边界的同时降低 provider 分类器误判风险。
  2. Read:外部内容警告同步改为语义描述,技能上下文不再携带可执行的攻击示例。
  3. 验证器:打包前会扫描规则、技能、references、agents 和 dispatcher Markdown,拦截可能触发 provider 分类器的指令原句。
  4. 打包:重新生成 Codex plugin mirror 和 Claude Desktop bundle,确保所有安装面都收到净化后的规则与 Read 技能。
  5. 测试:新增五类直接指令的回归覆盖,同时继续允许正常的安全术语和语义化指导。

Update: npx skills update -g -y · Claude Desktop · ⭐ tw93/Waza