Changelog
- Rules: Replaces direct adversarial phrases in the optional always-on rule with semantic categories, reducing provider-classifier false positives while preserving the external-content trust boundary.
- Read: Applies the same semantic handling to fetched-content warnings so the skill no longer carries executable attack examples in its context.
- Verifier: Scans rules, skills, references, agents, and dispatcher Markdown for provider-sensitive instruction literals before they reach a package.
- Packaging: Regenerates the Codex plugin mirror and Claude Desktop bundle so every install surface receives the sanitized rule and Read skill.
- Tests: Adds regression coverage for five direct instruction classes while continuing to allow ordinary security terminology and semantic guidance.
更新日志
- 规则:可选的全局规则不再直接引用对抗性指令,改用语义类别描述,在保留外部内容信任边界的同时降低 provider 分类器误判风险。
- Read:外部内容警告同步改为语义描述,技能上下文不再携带可执行的攻击示例。
- 验证器:打包前会扫描规则、技能、references、agents 和 dispatcher Markdown,拦截可能触发 provider 分类器的指令原句。
- 打包:重新生成 Codex plugin mirror 和 Claude Desktop bundle,确保所有安装面都收到净化后的规则与 Read 技能。
- 测试:新增五类直接指令的回归覆盖,同时继续允许正常的安全术语和语义化指导。
Update: npx skills update -g -y · Claude Desktop · ⭐ tw93/Waza