justinmclean opened a new pull request, #215:
URL: https://github.com/apache/airflow-steward/pull/215
## What
Adds a new `validate_privacy_patterns` check to the skill validator that
enforces Pattern 6 from `write-skill/security-checklist.md`: skills that
read full issue bodies from the private `<tracker>` repo must run the
Privacy-LLM gate-check before making any outbound LLM call.
Also fixes the two skills the new check identified as missing the gate.
## Why
Skills like `security-issue-deduplicate` and `security-issue-fix` pass
embargoed CVE detail, reporter PII, and other private content from
`<tracker>` issue bodies directly to the model. The privacy-LLM
gate-check is the required pre-flight for that — it was documented in
the security checklist but not enforced.
## Changes
**`tools/skill-validator`**
- New `PRIVACY_CATEGORY` constant (soft violation category)
- New `validate_privacy_patterns` — fires when a skill has an
external-content `mode` + references `<tracker>` + contains
`gh issue view` (the read discriminator). Skills that only write to
or query metadata from the tracker are exempt.
- 11 new tests in `TestPrivacyPatternP6`
**`.claude/skills`**
- `security-issue-deduplicate`: added privacy-LLM gate to Step 0
- `security-issue-fix`: added privacy-LLM gate to Step 0
## Notes
The `gh issue view` discriminator is what separates genuine gaps from
false positives — `security-issue-import-from-pr` references `<tracker>`
as a write destination and uses only `gh search`/`gh api` for reads,
so it is correctly exempt.
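A minimal sketch of the three-condition discriminator described under Changes, as an added example that is not part of the PR or the project's `tools/skill-validator` code. The frontmatter layout, the `mode` values, the gate marker text, the function names and the sample skills are all assumptions.

```python
import re

# Only the three conditions come from the PR text. The frontmatter layout,
# mode values and gate marker below are hypothetical.
EXTERNAL_CONTENT_MODES = {"triage", "import"}            # hypothetical values
GATE_MARKER = re.compile(r"privacy-llm", re.IGNORECASE)  # hypothetical marker
ISSUE_BODY_READ = re.compile(r"\bgh\s+issue\s+view\b")   # the read discriminator
MODE_LINE = re.compile(r"^mode:\s*(\S+)\s*$", re.MULTILINE)


def skill_mode(text):
    """Return the `mode` value from the leading frontmatter block, or None."""
    if not text.startswith("---\n"):
        return None
    end = text.find("\n---", 4)
    if end == -1:
        return None
    match = MODE_LINE.search(text[4:end + 1])
    return match.group(1) if match else None


def missing_privacy_gate(text):
    """True when a skill reads tracker issue bodies but never mentions the gate."""
    reads_private_bodies = (
        skill_mode(text) in EXTERNAL_CONTENT_MODES
        and "<tracker>" in text
        and ISSUE_BODY_READ.search(text) is not None
    )
    return reads_private_bodies and GATE_MARKER.search(text) is None


# Constructed sample skills, not the project's real skill files.
READS_NO_GATE = """---
name: dedupe-sample
mode: triage
---
Step 0: run `gh issue view 123 --repo <tracker>` and compare bodies.
"""
READS_WITH_GATE = READS_NO_GATE.replace(
    "Step 0:", "Step 0: run the Privacy-LLM gate-check, then")
WRITE_ONLY = """---
name: import-sample
mode: import
---
Find candidates with `gh search issues`, then create the issue in <tracker>.
"""
NO_MODE = "Step 0: run `gh issue view 1 --repo <tracker>`.\n"
```

A text-match check like this sketch confirms only that the gate is mentioned somewhere in the skill, not that it runs before the model call.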