Security

Layered prompt injection defense to protect your workflow.

Coding Friend treats all external data as untrusted and applies layered defenses against prompt injection and credential exposure.

Defenses

  • Session start — rules and security policies loaded and validated
  • Per-prompt — rules-reminder hook enforces boundaries (every 4th prompt)
  • Per-skill — external content (web search, research, MCP) is marked untrusted; embedded instructions are never executed
  • Per-agent — system prompts include guardrails: no exfiltration, no following fetched instructions, flag suspicious content

File Protection

  • privacy-block.sh — blocks .env (except .env.example), .pem, .key, id_rsa, .ssh/ directories
  • scout-block.cjs — blocks files matching .coding-friend/ignore patterns plus defaults (node_modules, .next, dist, .git). User patterns merge on top; ! negation overrides defaults.
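The two checks above, modelled as an added example (this is not Coding Friend's own scout-block.cjs or privacy-block.sh): the ignore list is evaluated with defaults first and user patterns after, last match wins, so a `!` pattern from the user un-blocks a default. The glob subset, the treatment of `.env.*` as blocked, and all sample paths are assumptions.

```javascript
// Added example, not Coding Friend's own scout-block.cjs / privacy-block.sh.
// Pattern syntax is a simplified gitignore-style subset (assumption).

const DEFAULT_IGNORE = ["node_modules", ".next", "dist", ".git"];

// A bare name such as "dist" matches that path segment anywhere in the tree;
// "*" matches within one segment, "**" across segments.
function patternToRegex(pattern) {
  const escaped = pattern.replace(/\*\*|\*|[.+^${}()|[\]\\?]/g, (m) =>
    m === "**" ? ".*" : m === "*" ? "[^/]*" : "\\" + m);
  return new RegExp(`(^|/)${escaped}(/|$)`);
}

// Defaults first, then the user's .coding-friend/ignore lines. Rules are
// evaluated in order and the last match wins, so a user "!dist" overrides
// the default "dist" while "coverage" simply adds to the blocked set.
function compileIgnore(userPatterns) {
  return [...DEFAULT_IGNORE, ...userPatterns]
    .map((p) => p.trim())
    .filter((p) => p && !p.startsWith("#"))
    .map((p) => ({ negated: p.startsWith("!"), re: patternToRegex(p.replace(/^!/, "")) }));
}

function isBlockedByIgnore(filePath, rules) {
  const rel = filePath.replace(/\\/g, "/");
  let blocked = false;
  for (const rule of rules) {
    if (rule.re.test(rel)) blocked = !rule.negated;
  }
  return blocked;
}

// Privacy block: .env files (except .env.example), .pem, .key, id_rsa and
// anything under a .ssh/ directory. Blocking ".env.*" too is an assumption.
function isBlockedByPrivacy(filePath) {
  const parts = filePath.replace(/\\/g, "/").split("/");
  const base = parts[parts.length - 1];
  if (parts.includes(".ssh")) return true;
  if (base === ".env.example") return false;
  if (base === ".env" || base.startsWith(".env.")) return true;
  if (base.endsWith(".pem") || base.endsWith(".key")) return true;
  return base === "id_rsa";
}

// Sample usage with a constructed ignore file and constructed paths.
const sampleRules = compileIgnore(["coverage", "!dist", "# comment"]);
console.log(isBlockedByIgnore("dist/bundle.js", sampleRules)); // false
console.log(isBlockedByPrivacy("config/.env.example"));         // false
```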

Best Practices

  • Use .env.example as a template — never commit actual .env
  • Configure .coding-friend/ignore to block large or irrelevant directories
  • Review tool use carefully when working with sensitive data