fix: harden group chat prompt metadata

2026-05-06 11:50:43 +00:00 · 2026-04-23 18:14:26 +01:00
parent 6415e35f55
commit e0f5961e28
9 changed files with 27 additions and 19 deletions
--- a/docs/channels/groups.md
+++ b/docs/channels/groups.md
@@ -400,7 +400,7 @@ Channel specific notes:

 - BlueBubbles can optionally enrich unnamed macOS group participants from the local Contacts database before populating `GroupMembers`. This is off by default and only runs after normal group gating passes.

-The agent system prompt includes a group intro on the first turn of a new group session. It reminds the model to respond like a human, avoid Markdown tables, minimize empty lines and follow normal chat spacing, and avoid typing literal `\n` sequences.
+The agent system prompt includes a group intro on the first turn of a new group session. It reminds the model to respond like a human, avoid Markdown tables, minimize empty lines and follow normal chat spacing, and avoid typing literal `\n` sequences. Channel-sourced group names and participant labels are rendered as fenced untrusted metadata, not inline system instructions.

 ## iMessage specifics

--- a/docs/channels/whatsapp.md
+++ b/docs/channels/whatsapp.md
@@ -250,7 +250,7 @@ When the linked self number is also present in `allowFrom`, WhatsApp self-chat s
    - `<media:document>`
    - `<media:sticker>`

-    Location and contact payloads are normalized into textual context before routing.
+    Location bodies use terse coordinate text. Location labels/comments and contact/vCard details are rendered as fenced untrusted metadata, not inline prompt text.

  </Accordion>