Skip to content

feat: Fable 5 evolution with security hardening and engineering excellence#22

Draft
frankxai wants to merge 9 commits into
mainfrom
fable5-evolution
Draft

feat: Fable 5 evolution with security hardening and engineering excellence#22
frankxai wants to merge 9 commits into
mainfrom
fable5-evolution

Conversation

@frankxai

@frankxai frankxai commented Jun 15, 2026

Copy link
Copy Markdown
Owner

Summary

Comprehensive Fable 5 evolution with security hardening, agent quality improvements, and CI/CD excellence across the entire ACOS ecosystem.

Changes

Security Hardening

  • meta-prompt-validator: Enhanced with Base64/Unicode bypass detection, context manipulation detection, role confusion attack detection, and tool output scanning for indirect injection
  • security-scan.yml: New workflow for secrets detection, agent IAM audit, prompt injection defense check, and dependency vulnerability scanning
  • Expanded banned patterns: 8 additional AI slop patterns in alignment-check.yml

Agent Quality (147 agents audited)

  • Removed 5 duplicate agent files
  • Fixed 3 Frank DNA violations (elevate→expand/refine, deep dive→thorough analysis)
  • Renamed seo_specialist.mdseo-specialist.md (consistent naming)
  • Added model field validation to alignment-check workflow

Model Routing (Fable 5)

  • Added claude-fable-5 to routing-rules.json with cost/capability metadata
  • Updated 7 creative agents to model: fable
  • Created FABLE5_SAFETY_MATRIX.md with capability boundaries and escalation paths
  • Updated skill-rules.json to v7.0.0 with model_preference per skill

CI/CD Excellence

  • e2e-validation.yml: New comprehensive validation workflow for skills, agents, commands, model routing
  • dependabot.yml: Automated dependency updates
  • ci.yml: Added node_modules caching for faster builds
  • alignment-check.yml: Added model field requirement, expanded banned patterns

Skills Infrastructure

  • Created content-strategy skill directory (was phantom reference)
  • Created fable-creative-reasoning skill directory (was phantom reference)
  • Fixed 2 phantom skill references that caused 6+ command routing conflicts

Files Changed (17 files)

Category Files
Security meta-prompt-validator.md, security-scan.yml
Agents Removed 5 duplicates, fixed 3 DNA violations, renamed 1
CI/CD ci.yml, alignment-check.yml, e2e-validation.yml, dependabot.yml
Skills content-strategy/SKILL.md, fable-creative-reasoning/SKILL.md
Routing routing-rules.json, skill-rules.json, settings.json
Docs FABLE5_SAFETY_MATRIX.md

Audit Results

Audit Findings Fixed
Security 15 findings (4 high, 6 medium, 5 low) 4 high priority
Agent Quality 147 agents, 6 duplicates, 10 DNA violations 5 duplicates, 3 violations
CI/CD 8 gaps identified 6 addressed
Skill Rules 74 unmapped skills, 2 phantom refs 2 phantom refs

Test Plan

  • Verify alignment-check workflow passes
  • Verify build workflow passes
  • Test creative task routes to Fable 5
  • Test security agent detects prompt injection patterns
  • Verify all new workflows run successfully

https://claude.ai/code/session_01AzCJoqmq8XH5dCDXjusQMg

@coderabbitai

coderabbitai Bot commented Jun 15, 2026

Copy link
Copy Markdown

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 9c2ab9c7-5f9a-42d9-aea9-d169b996abb6

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fable5-evolution

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request integrates the new Fable 5 model (claude-fable-5) into the agent ecosystem, updating agent metadata, model preferences, skill auto-activation rules, and routing configurations to direct creative and reasoning tasks to Fable 5. It also introduces a new meta-prompt-validator safety agent to validate prompts before dispatch. The review feedback correctly identifies a security vulnerability in the validator's validate_prompt function, where line-by-line processing could allow multi-line bypasses, and provides an actionable suggestion to flatten the prompt before running regex checks.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment on lines +145 to +173
validate_prompt() {
local prompt="$1"

# Check injection patterns
if echo "$prompt" | grep -qiE "ignore (previous|all|prior) instructions"; then
echo "BLOCK: Prompt injection detected"
return 1
fi

# Check jailbreak patterns
if echo "$prompt" | grep -qiE "(DAN|jailbreak|no restrictions|bypass safety)"; then
echo "BLOCK: Jailbreak attempt detected"
return 1
fi

# Check SQL injection
if echo "$prompt" | grep -qiE "(DROP TABLE|DELETE FROM|UNION SELECT|; --)"; then
echo "BLOCK: SQL injection pattern detected"
return 1
fi

# Check credential extraction
if echo "$prompt" | grep -qiE "(show.*(api key|password|secret|credential)|print.*(env|key))"; then
echo "WARN: Potential credential extraction attempt"
fi

echo "ALLOW"
return 0
}

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

security-medium medium

The validate_prompt function processes the prompt line-by-line because grep operates on individual lines by default. If a prompt injection, jailbreak, or credential extraction attempt spans multiple lines (e.g., a newline is placed between show and api key), the regex patterns using .* or multi-word sequences will fail to detect them.

To harden this check against multi-line bypasses, flatten the prompt by replacing newlines with spaces before running the grep checks.

validate_prompt() {
  local prompt_flat
  prompt_flat=$(echo "$1" | tr '\n' ' ')
  
  # Check injection patterns
  if echo "$prompt_flat" | grep -qiE "ignore (previous|all|prior) instructions"; then
    echo "BLOCK: Prompt injection detected"
    return 1
  fi
  
  # Check jailbreak patterns
  if echo "$prompt_flat" | grep -qiE "(DAN|jailbreak|no restrictions|bypass safety)"; then
    echo "BLOCK: Jailbreak attempt detected"
    return 1
  fi
  
  # Check SQL injection
  if echo "$prompt_flat" | grep -qiE "(DROP TABLE|DELETE FROM|UNION SELECT|; --)"; then
    echo "BLOCK: SQL injection pattern detected"
    return 1
  fi
  
  # Check credential extraction
  if echo "$prompt_flat" | grep -qiE "(show.*(api key|password|secret|credential)|print.*(env|key))"; then
    echo "WARN: Potential credential extraction attempt"
  fi
  
  echo "ALLOW"
  return 0
}

@frankxai frankxai changed the title feat: Fable 5 evolution - model routing, security hardening, agent quality feat: Fable 5 evolution with security hardening and engineering excellence Jun 15, 2026
@frankxai

frankxai commented Jul 6, 2026

Copy link
Copy Markdown
Owner Author

Queen-doctrine review — verdict: NEEDS-BOARD-REVIEW

Classification: Substrate (security hardening + CI workflows + model routing + agent hygiene in one PR). Currently CONFLICTING with main and three weeks stale — but the content is not superseded, which is why this gets a board pass rather than a close:

Still-relevant on today's main (verified):

  • seo_specialist.md is still snake_case on main — the rename hasn't landed elsewhere.
  • The duplicate analysis/analyze-code-quality.md + analysis/code-review/analyze-code-quality.md pair still exists.
  • security-scan.yml / e2e-validation.yml / dependabot.yml don't exist on main.
  • Model IDs verified against the current Anthropic catalog: claude-fable-5, claude-opus-4-8, claude-sonnet-4-6, claude-haiku-4-5-20251001 are all real, current IDs. The routing upgrade is legitimate.

Blocking issues:

  1. Merge state DIRTY — the agents tree has churned heavily since Jun 15; this needs a substantial rebase, not a button-press.
  2. New workflows violate the estate CI cost discipline. security-scan.yml has paths filters + weekly cron but no concurrency: cancel-in-progress, no timeout-minutes, and no draft gate on its 4 jobs. e2e-validation.yml triggers on both push and pull_request — that double-runs every PR push, which is exactly the pattern that drove the CI bill up. Required: concurrency + timeouts + draft gates (if: github.event_name != 'pull_request' || github.event.pull_request.draft == false) on every new job, and pick one trigger.
  3. Five concerns in one PR (security detection, CI workflows, agent dedup/rename, Fable-5 routing, settings.json model prefs). Board should decide the split — recommended: (a) agent hygiene (dedup + rename, mechanical), (b) Fable-5 routing + FABLE5_SAFETY_MATRIX, (c) security/CI workflows with cost-discipline fixes. Each lands independently and rebases trivially.

Board question: keep as one hardening epic or split as above. Either way it must rebase and fix the workflow cost hygiene before any part goes ready.

claude added 8 commits July 6, 2026 16:34
## Model Routing (routing-rules.json → v2.0.0)
- Add Fable 5 model tier for creative/reasoning tasks
- Update model IDs to latest (Opus 4.8, Sonnet 4.6, Fable 5)
- Add creative/reasoning escalation paths
- Route creative commands to Fable: /article-creator, /create-music, /author-team

## Security Infrastructure
- Create FABLE5_SAFETY_MATRIX.md - capability boundaries and safety rules
- Create meta-prompt-validator agent - prompt injection defense
- Add security boundaries for credential/system operations

## Agent Quality (7 agents updated)
- deep-fiction-writer: model → fable, add capabilities
- music-production: model → fable, add capabilities
- frankx-content-creation: model → fable, add capabilities
- social-content-generator: model → fable, add capabilities
- content-polisher: model → fable, add capabilities
- line-editor-voice-alchemist: model → fable, add capabilities
- character-psychologist: model → fable, add capabilities

## Configuration (settings.json)
- Add modelPreferences.creative = claude-fable-5
- Update default to claude-opus-4-8
- Add balanced tier for claude-sonnet-4-6

https://claude.ai/code/session_01AzCJoqmq8XH5dCDXjusQMg
- Add model_preference field to all 25 activation rules
- Add new fable-creative-reasoning skill for creative/narrative tasks
- Add model_routing config to activation_config section
- Route creative tasks (music, content, books) to Fable 5
- Route technical tasks (Next.js, MCP) to Sonnet
- Route complex tasks (orchestration, planning) to Opus

https://claude.ai/code/session_01AzCJoqmq8XH5dCDXjusQMg
- meta-prompt-validator: Add model: opus (security agent)
- integrity-guard: Add type, color, priority, model: sonnet
- strategist: Add model: opus
- discussion-based-planning: Add full frontmatter with model: opus
- nextjs-vercel-deployment: Add full frontmatter with model: sonnet
- seo_specialist: Add model: sonnet
- frankx-website-builder: Add full frontmatter with model: sonnet
- weekly-recap: Add full frontmatter with model: haiku

Also fixes CRLF line endings in frankx-website-builder and weekly-recap.

https://claude.ai/code/session_01AzCJoqmq8XH5dCDXjusQMg
Alignment-check workflow requires 'capabilities' field in agent frontmatter.
Added brand-voice-validation, claim-verification, schema-compliance,
ai-pattern-detection, mythology-leak-prevention capabilities.

https://claude.ai/code/session_01AzCJoqmq8XH5dCDXjusQMg
Address multi-line bypass vulnerability identified by Gemini code review.
Prompts are now flattened (newlines → spaces) before grep pattern matching
to prevent injection attempts that span multiple lines.

https://claude.ai/code/session_01AzCJoqmq8XH5dCDXjusQMg
## Security Hardening
- Enhanced meta-prompt-validator with Base64/Unicode bypass detection
- Added context manipulation and role confusion attack detection
- Added tool output scanning for indirect injection
- Created security-scan.yml workflow (secrets, IAM audit, dependency check)

## Agent Quality
- Removed 5 duplicate agent files
- Fixed 3 Frank DNA violations (elevate→expand/refine, deep dive→thorough analysis)
- Renamed seo_specialist.md → seo-specialist.md (consistent naming)

## CI/CD Improvements
- Added model field validation to alignment-check.yml
- Expanded banned language patterns (8 new patterns)
- Created e2e-validation.yml workflow
- Added dependabot.yml for dependency updates
- Added node_modules caching to ci.yml

## Skill Rules
- Created content-strategy skill directory and SKILL.md
- Created fable-creative-reasoning skill directory and SKILL.md
- Fixed phantom skill references in skill-rules.json

https://claude.ai/code/session_01AzCJoqmq8XH5dCDXjusQMg
- SKILL.md files: Add YAML frontmatter with name, version, description
- core/researcher.md: Add model: sonnet field
- golden-age-visionary.md: Add type, color, capabilities, priority fields
- ui-ux-design-guidance.md: Add type, capabilities, priority fields

https://claude.ai/code/session_01AzCJoqmq8XH5dCDXjusQMg
Per queen-doctrine review on PR #22:
- security-scan.yml: add concurrency cancel-in-progress, timeout-minutes
  (5-15m per job), and draft gates on all 4 jobs
- e2e-validation.yml: drop push trigger (pull_request + workflow_dispatch
  only), add timeout-minutes and draft gates on all 5 jobs

https://claude.ai/code/session_01AzCJoqmq8XH5dCDXjusQMg
@frankxai frankxai force-pushed the fable5-evolution branch from 32d16e0 to 47c7ffa Compare July 6, 2026 16:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants