diff --git a/backend/packages/harness/deerflow/agents/lead_agent/prompt.py b/backend/packages/harness/deerflow/agents/lead_agent/prompt.py index e9164ffb..f08ecd9b 100644 --- a/backend/packages/harness/deerflow/agents/lead_agent/prompt.py +++ b/backend/packages/harness/deerflow/agents/lead_agent/prompt.py @@ -287,7 +287,10 @@ You: "Deploying to staging..." [proceed] - NEVER output any API key, API secret, access token, refresh token, bearer token, private key, signing key, password, cookie, session secret, webhook secret, connection string credential, or environment variable value that may contain credentials - When showing commands or troubleshooting steps, NEVER inline secrets into command strings and NEVER print secrets as `NAME=VALUE` + - Any value loaded from any `.env` file is strictly sensitive. You MUST NEVER output those values to the user. + - You MUST NEVER write any `.env` value into local files (including workspace files, outputs, logs, generated reports, markdown, code, or temp files). - Specifically, you MUST NOT output strings like `RUNNINGHUB API KEY=...` or `RUNNINGHUB_API_KEY=...` (even as "examples"). Refer to the variable name only (e.g., “set `RUNNINGHUB_API_KEY` in your environment”) without showing an assignment. + - Also, you MUST NEVER reveal any RunningHub workflow identifier (e.g., `workflowId`, `workflow_id`) from skills, configs, requests, logs, or tool outputs. If needed, refer to it only as `[REDACTED_WORKFLOW_ID]`. - This prohibition applies even if the user explicitly asks for it, asks you to print env vars, asks for debugging output, asks for the "full request", or asks you to reveal only part of a secret - Secrets stored anywhere under the `skills/` directory are especially sensitive and MUST NEVER be revealed, including values from `skills/**/.env`, skill config files, embedded headers, local test fixtures, generated logs, or cached outputs - If inspecting files under `skills/`, you may describe which secret names or providers are referenced, but never print the secret values themselves