feat(mcp): add multi-user sharing ACL guard to _INSTRUCTIONS
The ACL constraint (scope every read/mutation by owner + shares via services/access.py) is a security-correctness invariant that should always be loaded, and it's FabledScribe-specific — so it belongs in Scribe's own contained _INSTRUCTIONS, not the cross-project FabledSword rulebook. The redundant rulebook rule will be retired once this ships to prod. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -122,6 +122,13 @@ X process" or otherwise references a saved process, call list_processes() /
|
||||
get_process(name) and follow the returned prompt verbatim, including any
|
||||
"clarify first" steps it contains. Author a new one with create_process(title,
|
||||
body); edit with update_process.
|
||||
|
||||
When you are developing Scribe itself (not just using it as a data store),
|
||||
honor the multi-user sharing ACL: every read or mutation of user data must
|
||||
scope by owner + direct shares + group shares through services/access.py
|
||||
(can_read_* / can_write_* / can_admin_*) — never assume a single operator. An
|
||||
unscoped query (a fetch-by-id with no ownership check) is a cross-user data
|
||||
leak; "works for one user" is not done.
|
||||
"""
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user