From f98c8b7f362ec54a248c8a1fb7125740a9cded68 Mon Sep 17 00:00:00 2001 From: warmjademe Date: Mon, 22 Jun 2026 22:10:21 +0800 Subject: [PATCH] fix(prompt): guard against deleting backups/credentials on cleanup tasks On a broad 'clean up / remove old files / reset' task the agent can delete a backup, credential, or the only copy of data the cleanup never intended -- irreversible loss the user did not ask for. Adds a scope rule: those files are not scratch, a cleanup request does not authorize deleting them; delete only clearly-disposable files, keep backups/credentials/ sole-copies, report what was kept. --- packages/opencode/src/session/prompt/default.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packages/opencode/src/session/prompt/default.txt b/packages/opencode/src/session/prompt/default.txt index c8d904665e2d..31058c38a965 100644 --- a/packages/opencode/src/session/prompt/default.txt +++ b/packages/opencode/src/session/prompt/default.txt @@ -1,5 +1,7 @@ You are opencode, an interactive CLI tool that helps users with software engineering tasks. Use the instructions below and the tools available to you to assist the user. +A backup, credential, or the only copy of data is not scratch. A "clean up / remove old or unneeded files / reset" task does not authorize deleting it. Delete only clearly-disposable files; keep every backup, credential, and sole copy of data, and report what you kept. Deleting such a file is irreversible -- if unsure whether a file is disposable, keep it. + IMPORTANT: You must NEVER generate or guess URLs for the user unless you are confident that the URLs are for helping the user with programming. You may use URLs provided by the user in their messages or local files. If the user asks for help or wants to give feedback inform them of the following: