ed/manual_slop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore(conductor): Add new track 'Move discussion histories to their own toml to prevent the ai agent from reading it (will be on a blacklist).'

Browse Source
This commit is contained in:
Edward R. Gonzalez
2026-02-24 18:32:09 -05:00
parent 874422ecfd
commit ef3d8b0ec1
7 changed files with 80 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
conductor/tracks/history_segregation_20260224/plan.md Normal file
View File

@@ -0,0 +1,30 @@
# Implementation Plan: Discussion History Segregation and Blacklisting
This plan follows the Test-Driven Development (TDD) workflow to move discussion history into a dedicated sibling TOML file and enforce a strict blacklist against AI agent tool access.
## Phase 1: Foundation and Migration Logic
This phase focuses on the structural changes needed to handle dual-file project configurations and the automatic migration of legacy history.
- [ ] Task: Research existing `ProjectManager` serialization and tool access points in `mcp_client.py`.
- [ ] Task: Write TDD tests for migrating the `discussion` key from `manual_slop.toml` to a new sibling file.
- [ ] Task: Implement automatic migration in `ProjectManager.load_project()`.
- [ ] Task: Update `ProjectManager.save_project()` to persist history separately.
- [ ] Task: Verify that existing history is correctly migrated and remains visible in the GUI.
- [ ] Task: Conductor - User Manual Verification 'Foundation and Migration' (Protocol in workflow.md)
## Phase 2: Blacklist Enforcement
This phase ensures the AI agent is strictly prevented from reading the history source files through its tools.
- [ ] Task: Write failing tests that attempt to read a known history file via the `mcp_client.py` and `aggregate.py` logic.
- [ ] Task: Implement hardcoded exclusion for `*_history.toml` and `history.toml` in `mcp_client.py`.
- [ ] Task: Implement hardcoded exclusion in `aggregate.py` to prevent history from being added as a raw file context.
- [ ] Task: Verify that tool-based file reads for the history file return a "Permission Denied" or "Blacklisted" error.
- [ ] Task: Conductor - User Manual Verification 'Blacklist Enforcement' (Protocol in workflow.md)
## Phase 3: Integration and Final Validation
This phase validates the full lifecycle, ensuring the application remains functional and secure.
- [ ] Task: Conduct a full walkthrough using the simulation scripts to verify history persistence across turns.
- [ ] Task: Verify that the AI can still use the *curated* history provided in the prompt context but cannot access the raw file.
- [ ] Task: Run full suite of automated GUI and API hook tests.
- [ ] Task: Conductor - User Manual Verification 'Integration and Final Validation' (Protocol in workflow.md)