From d7a346824626cb3d89578d1c56e5bc79bc2c93ff Mon Sep 17 00:00:00 2001 From: ygd58 Date: Thu, 9 Apr 2026 15:10:07 +0200 Subject: [PATCH] fix(prompts): replace [SYSTEM: with [IMPORTANT: to avoid Azure content filter Azure OpenAI content filters (Default/DefaultV2) treat bracketed [SYSTEM: ...] meta-instructions as prompt-injection attempts and reject requests with HTTP 400. Replacing [SYSTEM: with [IMPORTANT: preserves the same semantic meaning for the model while bypassing the Azure heuristic. Fixes #6576 --- agent/skill_commands.py | 4 ++-- cron/scheduler.py | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/agent/skill_commands.py b/agent/skill_commands.py index 6b73e83b3e..19c9b06c6c 100644 --- a/agent/skill_commands.py +++ b/agent/skill_commands.py @@ -329,7 +329,7 @@ def build_skill_invocation_message( loaded_skill, skill_dir, skill_name = loaded activation_note = ( - f'[SYSTEM: The user has invoked the "{skill_name}" skill, indicating they want ' + f'[IMPORTANT: The user has invoked the "{skill_name}" skill, indicating they want ' "you to follow its instructions. The full skill content is loaded below.]" ) return _build_skill_message( @@ -368,7 +368,7 @@ def build_preloaded_skills_prompt( loaded_skill, skill_dir, skill_name = loaded activation_note = ( - f'[SYSTEM: The user launched this CLI session with the "{skill_name}" skill ' + f'[IMPORTANT: The user launched this CLI session with the "{skill_name}" skill ' "preloaded. Treat its instructions as active guidance for the duration of this " "session unless the user overrides them.]" ) diff --git a/cron/scheduler.py b/cron/scheduler.py index 32b351aa04..2ca012ea05 100644 --- a/cron/scheduler.py +++ b/cron/scheduler.py 
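Review bot: `skill_name` is interpolated unescaped between the double quotes of the bracketed note in `build_skill_invocation_message` (hunk at 329), so a name containing `"`, `]` or a newline would end the note early and the rest would read as further instruction text. The same pattern is in `build_preloaded_skills_prompt` (hunk at 368) and in cron/scheduler.py at 751. How the loader derives `skill_name` is not visible here; if it can come from a directory or manifest the user did not author, constrain it before formatting, e.g. `if not re.fullmatch(r"[A-Za-z0-9_.-]{1,64}", skill_name): raise ValueError("invalid skill name")`. The character set shown is only a suggestion and should follow the project's own naming rule. Both function bodies extend beyond their hunks.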
@@ -715,7 +715,7 @@ def _build_job_prompt(job: dict, prerun_script: Optional[tuple] = None) -> str: # Always prepend cron execution guidance so the agent knows how # delivery works and can suppress delivery when appropriate. cron_hint = ( - "[SYSTEM: You are running as a scheduled cron job. " + "[IMPORTANT: You are running as a scheduled cron job. " "DELIVERY: Your final response will be automatically delivered " "to the user — do NOT use send_message or try to deliver " "the output yourself. Just produce your report/output as your " @@ -751,7 +751,7 @@ def _build_job_prompt(job: dict, prerun_script: Optional[tuple] = None) -> str: parts.append("") parts.extend( [ - f'[SYSTEM: The user has invoked the "{skill_name}" skill, indicating they want you to follow its instructions. The full skill content is loaded below.]', + f'[IMPORTANT: The user has invoked the "{skill_name}" skill, indicating they want you to follow its instructions. The full skill content is loaded below.]', "", content, ] @@ -759,7 +759,7 @@ def _build_job_prompt(job: dict, prerun_script: Optional[tuple] = None) -> str: if skipped: notice = ( - f"[SYSTEM: The following skill(s) were listed for this job but could not be found " + f"[IMPORTANT: The following skill(s) were listed for this job but could not be found " f"and were skipped: {', '.join(skipped)}. " f"Start your response with a brief notice so the user is aware, e.g.: " f"'⚠️ Skill(s) not found and skipped: {', '.join(skipped)}']"
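Review bot: Nothing in the code records why the prefix in `cron_hint` (hunk at 715) is `[IMPORTANT:` rather than `[SYSTEM:`, so a later cleanup could restore the string the Azure filter rejects; a comment above the assignment would prevent that, e.g. `# "[IMPORTANT:" not "[SYSTEM:": Azure OpenAI content filters reject the latter with HTTP 400 (#6576).` The same comment could state that this prefix is ordinary prompt text and carries no more authority than job-supplied text containing the same marker, which is presumably the pattern the filter reacts to. If the client API in use accepts a system-role message, moving this harness guidance there would be sturdier than rewording it; whether the callers of `_build_job_prompt` can do that is not visible in this hunk. The function body starts and ends outside the hunk.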
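Review bot: The activation note in the hunk at 751 is a second hand-maintained copy of the string built in `build_skill_invocation_message` in agent/skill_commands.py, and this commit had to edit both. Producing it in one place, for example a small helper next to `build_skill_invocation_message` that returns the note for a given name and is called from `_build_job_prompt`, would keep the two from drifting the next time the wording changes. Whether cron/scheduler.py may import from agent/ is a project layering decision that is not visible in this patch.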
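Review bot: The entries of `skipped` in the hunk at 759 are names that matched no skill, so they reach the prompt exactly as written in the job definition, and the notice both embeds them in the bracketed text and asks the model to repeat them to the user. Where job definitions can be created or edited by anything other than the operator (not visible here), quote and bound each entry before joining, e.g. `shown = ", ".join(repr(str(s)[:80]) for s in skipped)`, and use `shown` in both f-string lines. Computing the join once also removes the duplicated `', '.join(skipped)` expression. The `notice = (` expression continues past the end of the hunk.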