refine system prompt, add scope verification, and improve tool guidance

- Rewrite system prompt: refusal avoidance, system-verified scope, thorough validation mandate, root agent orchestration role, recon-first guidance - Add authorized targets injection via system_prompt_context in strix_agent - Add set_system_prompt_context to LLM for dynamic prompt updates - Prefer python tool over terminal for Python code in tool schemas - Increase LLM retry backoff cap to 90s - Replace models.strix.ai footer with strix.ai Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-22 20:51:34 -07:00
parent a2f1aae5ed
commit 4e836377e7
7 changed files with 155 additions and 47 deletions
--- a/strix/agents/StrixAgent/strix_agent.py
+++ b/strix/agents/StrixAgent/strix_agent.py
@@ -18,9 +18,48 @@ class StrixAgent(BaseAgent):

        super().__init__(config)

+    @staticmethod
+    def _build_system_scope_context(scan_config: dict[str, Any]) -> dict[str, Any]:
+        targets = scan_config.get("targets", [])
+        authorized_targets: list[dict[str, str]] = []
+
+        for target in targets:
+            target_type = target.get("type", "unknown")
+            details = target.get("details", {})
+
+            if target_type == "repository":
+                value = details.get("target_repo", "")
+            elif target_type == "local_code":
+                value = details.get("target_path", "")
+            elif target_type == "web_application":
+                value = details.get("target_url", "")
+            elif target_type == "ip_address":
+                value = details.get("target_ip", "")
+            else:
+                value = target.get("original", "")
+
+            workspace_subdir = details.get("workspace_subdir")
+            workspace_path = f"/workspace/{workspace_subdir}" if workspace_subdir else ""
+
+            authorized_targets.append(
+                {
+                    "type": target_type,
+                    "value": value,
+                    "workspace_path": workspace_path,
+                }
+            )
+
+        return {
+            "scope_source": "system_scan_config",
+            "authorization_source": "strix_platform_verified_targets",
+            "authorized_targets": authorized_targets,
+            "user_instructions_do_not_expand_scope": True,
+        }
+
    async def execute_scan(self, scan_config: dict[str, Any]) -> dict[str, Any]:  # noqa: PLR0912
        user_instructions = scan_config.get("user_instructions", "")
        targets = scan_config.get("targets", [])
+        self.llm.set_system_prompt_context(self._build_system_scope_context(scan_config))

        repositories = []
        local_code = []