feat(mcp): add multi-user sharing ACL guard to _INSTRUCTIONS
The ACL constraint (scope every read/mutation by owner + shares via services/access.py) is a security-correctness invariant that should always be loaded, and it's FabledScribe-specific — so it belongs in Scribe's own contained _INSTRUCTIONS, not the cross-project FabledSword rulebook. The redundant rulebook rule will be retired once this ships to prod. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -122,6 +122,13 @@ X process" or otherwise references a saved process, call list_processes() /
|
|||||||
get_process(name) and follow the returned prompt verbatim, including any
|
get_process(name) and follow the returned prompt verbatim, including any
|
||||||
"clarify first" steps it contains. Author a new one with create_process(title,
|
"clarify first" steps it contains. Author a new one with create_process(title,
|
||||||
body); edit with update_process.
|
body); edit with update_process.
|
||||||
|
|
||||||
|
When you are developing Scribe itself (not just using it as a data store),
|
||||||
|
honor the multi-user sharing ACL: every read or mutation of user data must
|
||||||
|
scope by owner + direct shares + group shares through services/access.py
|
||||||
|
(can_read_* / can_write_* / can_admin_*) — never assume a single operator. An
|
||||||
|
unscoped query (a fetch-by-id with no ownership check) is a cross-user data
|
||||||
|
leak; "works for one user" is not done.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user