//! Red team system prompt generation. //! //! This module provides functions to generate system prompts for red team tasks //! that monitor work task outputs and verify adherence to contract requirements. use serde::Serialize; /// Context for generating a red team system prompt. #[derive(Debug, Clone, Serialize)] pub struct RedTeamPromptContext { /// Contract name being monitored pub contract_name: String, /// Current contract phase (usually "execute") pub contract_phase: String, /// Repository URL if available pub repository_url: Option, /// Custom red team prompt/criteria provided by user pub custom_prompt: Option, /// Contract specification summary if available pub spec_summary: Option, /// Plan summary if available pub plan_summary: Option, } impl RedTeamPromptContext { /// Create a new red team prompt context. pub fn new(contract_name: String, contract_phase: String) -> Self { Self { contract_name, contract_phase, repository_url: None, custom_prompt: None, spec_summary: None, plan_summary: None, } } /// Set the repository URL. pub fn with_repository_url(mut self, url: Option) -> Self { self.repository_url = url; self } /// Set the custom review criteria. pub fn with_custom_prompt(mut self, prompt: Option) -> Self { self.custom_prompt = prompt; self } /// Set the specification summary. pub fn with_spec_summary(mut self, summary: Option) -> Self { self.spec_summary = summary; self } /// Set the plan summary. pub fn with_plan_summary(mut self, summary: Option) -> Self { self.plan_summary = summary; self } } /// Generate the red team system prompt based on the provided context. /// /// This prompt guides the red team task in monitoring work task outputs /// and identifying potential issues before they compound. pub fn generate_red_team_system_prompt(context: &RedTeamPromptContext) -> String { let mut prompt = String::new(); // Header prompt.push_str("# Red Team Monitor\n\n"); prompt.push_str("You are an adversarial quality reviewer for a software development contract. "); prompt.push_str("Your role is to monitor work task outputs in real-time and flag potential issues "); prompt.push_str("BEFORE they compound into larger problems.\n\n"); // Mission section prompt.push_str("## Your Mission\n\n"); prompt.push_str("Monitor all task outputs and verify:\n"); prompt.push_str("1. **Plan Adherence**: Are tasks following the implementation plan?\n"); prompt.push_str("2. **Code Quality**: Does the code meet repository standards?\n"); prompt.push_str("3. **Contract Requirements**: Does the implementation match the specification?\n"); prompt.push_str("4. **Best Practices**: Are there obvious anti-patterns or issues?\n\n"); // Access available section prompt.push_str("## Access Available\n\n"); prompt.push_str("You have read-only access to:\n"); prompt.push_str("- Task outputs (streamed in real-time)\n"); prompt.push_str("- Task diffs (code changes)\n"); prompt.push_str("- Contract specifications and plan documents\n"); prompt.push_str("- Repository configuration files (CONTRIBUTING.md, linting configs, etc.)\n\n"); // How to monitor section prompt.push_str("## How to Monitor\n\n"); prompt.push_str("1. **Subscribe to task outputs**: You'll receive outputs from all work tasks\n"); prompt.push_str("2. **Analyze code changes**: Request diffs for completed tasks\n"); prompt.push_str("3. **Cross-reference**: Compare outputs against the plan and specifications\n"); prompt.push_str("4. **Report issues**: Use `makima red-team notify` when you detect problems\n\n"); // When to notify section prompt.push_str("## When to Notify\n\n"); prompt.push_str("NOTIFY the supervisor when you observe:\n"); prompt.push_str("- **Critical**: Security vulnerabilities, data loss risks, breaking changes\n"); prompt.push_str("- **High/Warning**: Significant deviations from the plan, major code quality issues\n"); prompt.push_str("- **Medium/Info**: Missing tests, suboptimal implementations, minor standard violations\n"); prompt.push_str("- **Low**: Style inconsistencies, documentation gaps (use sparingly)\n\n"); // What NOT to do section prompt.push_str("## What NOT to Do\n\n"); prompt.push_str("- Do NOT nitpick minor style issues (that's what linters are for)\n"); prompt.push_str("- Do NOT block progress for trivial concerns\n"); prompt.push_str("- Do NOT write code or make changes yourself\n"); prompt.push_str("- Do NOT notify for things that are already in progress and being addressed\n"); prompt.push_str("- Do NOT create duplicate notifications for the same issue\n\n"); // Notification format section prompt.push_str("## Notification Format\n\n"); prompt.push_str("When notifying, always include:\n"); prompt.push_str("1. A clear, concise description of the issue\n"); prompt.push_str("2. The severity level (critical/warning/info)\n"); prompt.push_str("3. The related task ID if applicable\n"); prompt.push_str("4. The specific file or code location if known\n"); prompt.push_str("5. Why this matters (reference to plan, spec, or standards)\n\n"); // Example notification prompt.push_str("## Example Notification\n\n"); prompt.push_str("```\n"); prompt.push_str("makima red-team notify \"Task is implementing authentication with plaintext password storage, which contradicts the security requirements in the specification document\" \\\n"); prompt.push_str(" --severity critical \\\n"); prompt.push_str(" --task \\\n"); prompt.push_str(" --file \"src/auth/user.rs\" \\\n"); prompt.push_str(" --context \"Specification section 3.2 requires bcrypt hashing for all passwords\"\n"); prompt.push_str("```\n\n"); // Custom review criteria section (if provided) if let Some(custom) = &context.custom_prompt { prompt.push_str("## Custom Review Criteria\n\n"); prompt.push_str("Additional review criteria for this contract:\n"); prompt.push_str(custom); prompt.push_str("\n\n"); } // Specification summary (if provided) if let Some(spec) = &context.spec_summary { prompt.push_str("## Contract Specification Summary\n\n"); prompt.push_str(spec); prompt.push_str("\n\n"); } // Plan summary (if provided) if let Some(plan) = &context.plan_summary { prompt.push_str("## Implementation Plan Summary\n\n"); prompt.push_str(plan); prompt.push_str("\n\n"); } // Contract context section prompt.push_str("## Contract Context\n\n"); prompt.push_str(&format!("Contract: {}\n", context.contract_name)); prompt.push_str(&format!("Phase: {}\n", context.contract_phase)); if let Some(repo) = &context.repository_url { prompt.push_str(&format!("Repository: {}\n", repo)); } prompt.push_str("\n"); // Closing guidance prompt.push_str("Focus your monitoring on outputs that relate to the active work tasks. "); prompt.push_str("Prioritize issues that could affect the success of the contract or introduce technical debt.\n"); prompt } /// Generate the initial task plan for a red team task. /// /// This is the "plan" field that gets sent to the red team task when it's spawned. pub fn generate_red_team_task_plan(context: &RedTeamPromptContext) -> String { let mut plan = String::new(); plan.push_str("# Red Team Monitoring Task\n\n"); plan.push_str("You are monitoring the contract \""); plan.push_str(&context.contract_name); plan.push_str("\" during the "); plan.push_str(&context.contract_phase); plan.push_str(" phase.\n\n"); plan.push_str("## Your Responsibilities\n\n"); plan.push_str("1. Monitor all work task outputs as they stream in\n"); plan.push_str("2. Verify implementations match the contract requirements\n"); plan.push_str("3. Check for adherence to repository standards\n"); plan.push_str("4. Flag issues using `makima red-team notify` command\n\n"); plan.push_str("## Getting Started\n\n"); plan.push_str("1. First, read the contract specification and plan documents\n"); plan.push_str("2. Review repository standards (CONTRIBUTING.md, etc.)\n"); plan.push_str("3. Begin monitoring task outputs for potential issues\n"); plan.push_str("4. When you detect a problem, notify the supervisor immediately\n\n"); // Custom criteria if let Some(custom) = &context.custom_prompt { plan.push_str("## Special Focus Areas\n\n"); plan.push_str(custom); plan.push_str("\n\n"); } plan.push_str("## Important Notes\n\n"); plan.push_str("- You have READ-ONLY access - do not attempt to modify code\n"); plan.push_str("- Be constructive, not nitpicky - focus on issues that matter\n"); plan.push_str("- Coordinate with the supervisor, not individual work tasks\n"); plan.push_str("- Your goal is early issue detection, not blocking progress\n"); plan } #[cfg(test)] mod tests { use super::*; #[test] fn test_generate_basic_prompt() { let context = RedTeamPromptContext::new( "Test Contract".to_string(), "execute".to_string(), ); let prompt = generate_red_team_system_prompt(&context); assert!(prompt.contains("Red Team Monitor")); assert!(prompt.contains("Test Contract")); assert!(prompt.contains("execute")); assert!(prompt.contains("makima red-team notify")); } #[test] fn test_generate_prompt_with_custom_criteria() { let context = RedTeamPromptContext::new( "Security Contract".to_string(), "execute".to_string(), ) .with_custom_prompt(Some("Focus on security vulnerabilities and OWASP guidelines".to_string())); let prompt = generate_red_team_system_prompt(&context); assert!(prompt.contains("Custom Review Criteria")); assert!(prompt.contains("security vulnerabilities")); assert!(prompt.contains("OWASP")); } #[test] fn test_generate_prompt_with_repository() { let context = RedTeamPromptContext::new( "Open Source Project".to_string(), "execute".to_string(), ) .with_repository_url(Some("https://github.com/example/repo".to_string())); let prompt = generate_red_team_system_prompt(&context); assert!(prompt.contains("https://github.com/example/repo")); } #[test] fn test_generate_task_plan() { let context = RedTeamPromptContext::new( "My Contract".to_string(), "execute".to_string(), ); let plan = generate_red_team_task_plan(&context); assert!(plan.contains("Red Team Monitoring Task")); assert!(plan.contains("My Contract")); assert!(plan.contains("READ-ONLY access")); } }