28de94df5d
Gates three injection sites behind OPENCLAUDE_DISABLE_TOOL_REMINDERS: - FileReadTool cyber-risk mitigation reminder (appended to every Read result when the model is not in MITIGATION_EXEMPT_MODELS) - todo_reminder attachment for TodoWrite usage - task_reminder attachment for TaskCreate/TaskUpdate usage All three reminders are model-only side-channel instructions the user cannot see today. Users who want full transparency over what the model receives can now opt out without patching dist/cli.mjs on every upgrade. Default behavior is unchanged when the flag is unset. Closes #809
15 KiB
15 KiB