Provenance preamble for stored per-repo guidelines (#1455). Guidelines are
LLM-distilled from a corpus of public PR comments — an untrusted source —
then re-injected into agent/host context on read. Without a label, the
reader treats them as project-authored instructions with elevated
authority. Prepended at the read boundaries (MCP guidelines-get tool and
the oss://repo/{owner}/{repo}/guidelines resource); stored content stays
raw.
Provenance preamble for stored per-repo guidelines (#1455). Guidelines are LLM-distilled from a corpus of public PR comments — an untrusted source — then re-injected into agent/host context on read. Without a label, the reader treats them as project-authored instructions with elevated authority. Prepended at the read boundaries (MCP
guidelines-gettool and theoss://repo/{owner}/{repo}/guidelinesresource); stored content stays raw.