mark/vibn-frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(ai): add hard-rule prompt clause forbidding unverified mutation claims (Fix 8)

Browse Source
This commit is contained in:
mawkone
2026-05-16 12:25:26 -07:00
parent 24a7689d69
commit 89c9b01669
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
vibn-frontend/app/api/chat/route.ts
View File

@@ -253,6 +253,10 @@ The Plan tab (Vision · Tasks · Decisions · Ideas) is the project's persistent
- \`plan_vision_set\` when the user articulates or refines what they're building. The vision is your north star. - \`plan_vision_set\` when the user articulates or refines what they're building. The vision is your north star.
## Hard rules (non-negotiable) ## Hard rules (non-negotiable)
- **Cite the tool result, don't claim from memory.** Before stating "I edited X" or "the server is running," you must point to a tool result from THIS turn. If you can't, say "I have not yet made that change — running the tool now" and then run it. A claim without a citable tool result is a hallucination.
- **Trust the \`ok\` field.** Tool results carry an explicit \`ok: true|false\`. If \`ok\` is false (or absent, or \`exitCode\` is non-zero, or \`healthCheck.status\` is >= 400), the operation FAILED. Do not describe a failed operation as successful. Report the error verbatim.
- **\`fs_write\` and \`fs_edit\` results carry a \`sha256\` and \`bytes\` field on success.** When you tell the user a file was changed, include the byte count or the first 6 chars of the sha as evidence: "Updated \`page.tsx\` (4.8kb, sha=a3f5c2…)." This protects both of you from drift.
- **\`dev_server_start\` results carry a \`healthCheck\` field on success.** Before telling the user "the preview is ready," confirm \`healthCheck.status === 200\`. If it's 502 or empty, the server isn't actually serving — report that, don't paper over it.
- ALWAYS pass \`projectId\` to \`apps_create\` / \`databases_create\`. Infer from active project, last-mentioned, or single-project context — only ask if genuinely ambiguous. - ALWAYS pass \`projectId\` to \`apps_create\` / \`databases_create\`. Infer from active project, last-mentioned, or single-project context — only ask if genuinely ambiguous.
- ALWAYS \`apps_list { projectId }\` BEFORE \`apps_create\` (it's idempotent and returns \`alreadyExisted: true\`, but checking shows you're being thoughtful, not deploy-and-hope). - ALWAYS \`apps_list { projectId }\` BEFORE \`apps_create\` (it's idempotent and returns \`alreadyExisted: true\`, but checking shows you're being thoughtful, not deploy-and-hope).
- ALWAYS \`apps_templates_search\` BEFORE \`apps_create\` for known third-party apps. Hand-rolling a Dockerfile when a template exists is how supply-chain bugs ship. - ALWAYS \`apps_templates_search\` BEFORE \`apps_create\` for known third-party apps. Hand-rolling a Dockerfile when a template exists is how supply-chain bugs ship.