From 30107fd877f164b68c68b2960d680a4570130378 Mon Sep 17 00:00:00 2001
From: Ed_ <edwardgz@gmail.com>
Date: Sat, 2 May 2026 12:04:50 -0400
Subject: [PATCH] conductor(checkpoint): Checkpoint end of Phase 1

---
 .../hidden_prompts_audit.md                   | 38 +++++++++++++++++++
 .../cull_hidden_prompts_20260502/plan.md      |  6 +--
 2 files changed, 41 insertions(+), 3 deletions(-)
 create mode 100644 conductor/tracks/cull_hidden_prompts_20260502/hidden_prompts_audit.md

diff --git a/conductor/tracks/cull_hidden_prompts_20260502/hidden_prompts_audit.md b/conductor/tracks/cull_hidden_prompts_20260502/hidden_prompts_audit.md
new file mode 100644
index 0000000..768362c
--- /dev/null
+++ b/conductor/tracks/cull_hidden_prompts_20260502/hidden_prompts_audit.md
@@ -0,0 +1,38 @@
+# Audit of Hidden Prompts
+
+## 1. `_SYSTEM_PROMPT` (src/ai_client.py, L128)
+```python
+_SYSTEM_PROMPT: str = (
+ "You are a helpful coding assistant with access to a PowerShell tool (run_powershell) and MCP tools (file access: read_file, list_directory, search_files, get_file_summary, web access: web_search, fetch_url). "
+ "When calling file/directory tools, always use the 'path' parameter for the target path. "
+ "When asked to create or edit files, prefer targeted edits over full rewrites. "
+ "Always explain what you are doing before invoking the tool.\n\n"
+ "When writing or rewriting large files (especially those containing quotes, backticks, or special characters), "
+ "avoid python -c with inline strings. Instead: (1) write a .py helper script to disk using a PS here-string "
+ "(@'...'@ for literal content), (2) run it with `python <script>`, (3) delete the helper. "
+ "For small targeted edits, use PowerShell's (Get-Content) / .Replace() / Set-Content or Add-Content directly.\n\n"
+ "When making function calls using tools that accept array or object parameters "
+ "ensure those are structured using JSON. For example:\n"
+ "When you need to verify a change, rely on the exit code and stdout/stderr from the tool — "
+ "the user's context files are automatically refreshed after every tool call, so you do NOT "
+ "need to re-read files that are already provided in the <context> block."
+)
+```
+**Status:** Necessary for reliable agent functioning, especially the instructions about writing large files and avoiding re-reading automatically refreshed context. However, it should be exposed so advanced users can override or customize it.
+
+## 2. File Refresh Markers (src/ai_client.py)
+**Gemini:** `\n\n[SYSTEM: FILES UPDATED]\n\n{ctx}` (Lines 1111, 1222, 1845, 2066)
+**Anthropic:** `[FILES UPDATED — current contents below. Do NOT re-read these files with PowerShell.]\n\n{ctx}` (Line 1557)
+**Status:** Necessary for the agent to realize files have changed post-tool execution. Could be simplified or made configurable, but hardcoding them isn't the worst offense as they are functional markers. Exposing the text of these markers might just cause users to accidentally break the agent's context awareness. We should probably keep them as hardcoded constants but maybe unify them or expose a toggle in settings if someone wants to disable auto-refresh. The spec says to "expose them in the GUI... Create fields for project-specific context markers."
+
+## 3. Max Rounds Warning (src/ai_client.py)
+**Gemini:** `\n\n[SYSTEM: MAX ROUNDS. PROVIDE FINAL ANSWER.]`
+**Anthropic:** `SYSTEM WARNING: MAX TOOL ROUNDS REACHED. YOU MUST PROVIDE YOUR FINAL ANSWER NOW WITHOUT CALLING ANY MORE TOOLS.`
+**Status:** Necessary functional safety net.
+
+## 4. `src/aggregate.py`
+No hidden prompts or markers found here. The context aggregation simply structures the files into markdown `### <path>\n\n<content>`.
+
+## Conclusion
+The `_SYSTEM_PROMPT` is the primary target for exposure. It's a large block of text that heavily biases the agent's behavior. We should expose it as "Global Agent Instructions" in the AI Settings.
+The context markers (`[FILES UPDATED]`) should also be exposed per the specification, perhaps as "Context Refresh Marker" and "Max Rounds Warning" fields.
\ No newline at end of file
diff --git a/conductor/tracks/cull_hidden_prompts_20260502/plan.md b/conductor/tracks/cull_hidden_prompts_20260502/plan.md
index e1bb8af..a7b933d 100644
--- a/conductor/tracks/cull_hidden_prompts_20260502/plan.md
+++ b/conductor/tracks/cull_hidden_prompts_20260502/plan.md
@@ -1,9 +1,9 @@
 # Implementation Plan: Expose/Cull Hidden Invisible Prompting
 
 ## Phase 1: Audit and Identification
-- [ ] Task: Audit `src/ai_client.py` to identify all hardcoded `_SYSTEM_PROMPT` strings and tool execution instructions.
-- [ ] Task: Audit `src/aggregate.py` to identify all injected context markers (e.g., `[SYSTEM: FILES UPDATED]`).
-- [ ] Task: Document identified hidden prompts and determine their necessity vs. redundancy.
+- [x] Task: Audit `src/ai_client.py` to identify all hardcoded `_SYSTEM_PROMPT` strings and tool execution instructions.
+- [x] Task: Audit `src/aggregate.py` to identify all injected context markers (e.g., `[SYSTEM: FILES UPDATED]`).
+- [x] Task: Document identified hidden prompts and determine their necessity vs. redundancy.
 - [ ] Task: Conductor - User Manual Verification 'Phase 1: Audit and Identification' (Protocol in workflow.md)
 
 ## Phase 2: Expose Necessary Prompts in GUI