Context: skip missing @file refs (reduce prompt noise) #244
Conversation
There was a problem hiding this comment.
Pull request overview
This PR improves context handling by skipping missing or unreadable file references instead of injecting placeholder text like "File not found" into the model context. When users include @file references in prompts or AGENTS.md, missing files now log warnings and are excluded from the context, reducing noise in the LLM prompt.
Key changes:
refine-file-contextreturns nil for missing/unreadable files instead of error strings- Context collection functions filter out nil contexts using
if-let,when-let, andkeep - AGENTS.md description updated to "Primary System Directives & Coding Standards"
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| src/eca/llm_api.clj | Modified refine-file-context to log warnings and return nil for missing/unreadable files instead of returning error strings |
| src/eca/features/context.clj | Updated parse-agents-file, file->refined-context, and raw-contexts->refined to skip nil contexts; refactored contexts-str-from-prompt structure |
| src/eca/features/prompt.clj | Updated AGENTS.md description text in context metadata |
| test/eca/features/context_test.clj | Added test for missing file handling in AGENTS.md; updated existing tests to mock fs/readable? for consistency |
| test/eca/features/chat_test.clj | Added test verifying missing file references don't add context noise; updated existing test structure with proper with-redefs wrapping |
| CHANGELOG.md | Added entry documenting the change |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| at-mentions (extract-at-mentions root-content) | ||
| parent-dir (str (fs/parent path)) | ||
| resolved-paths (map (fn [mention] | ||
| (cond | ||
| ;; Absolute path | ||
| (string/starts-with? mention "/") | ||
| (str (fs/canonicalize (fs/file mention))) | ||
|
|
||
| ;; Relative path (./... or ../...) | ||
| (or (string/starts-with? mention "./") | ||
| (string/starts-with? mention "../")) | ||
| (str (fs/canonicalize (fs/file parent-dir mention))) | ||
| ;; Relative path (./... or ../...) | ||
| (or (string/starts-with? mention "./") | ||
| (string/starts-with? mention "../")) | ||
| (str (fs/canonicalize (fs/file parent-dir mention))) | ||
|
|
||
| ;; Simple filename, relative to current file's directory | ||
| :else | ||
| (str (fs/canonicalize (fs/file parent-dir mention))))) | ||
| at-mentions) | ||
| ;; Deduplicate resolved paths | ||
| unique-paths (distinct resolved-paths) | ||
| ;; Recursively parse all mentioned files | ||
| nested-results (mapcat #(parse-agents-file % visited') unique-paths)] | ||
| (concat [{:type :agents-file | ||
| :path path | ||
| :content root-content}] | ||
| nested-results))))) | ||
| ;; Simple filename, relative to current file's directory | ||
| :else | ||
| (str (fs/canonicalize (fs/file parent-dir mention))))) |
There was a problem hiding this comment.
parse-agents-file resolves @ mentions in AGENTS.md to absolute paths using fs/canonicalize without constraining them to the workspace or a safe base directory, so a malicious AGENTS.md in an untrusted repo can reference paths like ../../.ssh/id_rsa and cause the client to read arbitrary files outside the project. Those file contents are then included in :agents-file contexts and sent to the LLM provider, allowing silent exfiltration of sensitive local data whenever the workspace is opened or a chat is started. Restrict @ mentions to stay within the workspace/config roots (e.g., reject or strip ../absolute paths, or enforce that canonicalized targets are under allowed directories) before reading and including them in contexts.
There was a problem hiding this comment.
This can be a problem when user has an auto-approval and some malicious project (libraries and nested AGENTS.md).
It is outside of scope of this PR but it is maybe a good idea to make various permissions configurable? WDYT @ericdallo?
There was a problem hiding this comment.
I dunno, it's something to discuss in other issue I guess, there are multiple ways to harm in a AGENTS.md in a project which we don't have control, so not sure there s much to do
zikajk
force-pushed
the
improve-context-handling
branch
from
c36db6e to
59d7a43
Compare
When users include @some-file in prompts (or inside AGENTS.md), missing/unreadable files used to inject placeholder strings like “File not found” into the model context, creating pure noise and risking downstream issues. This change makes missing/unreadable file contexts a no-op: - llm-api/refine-file-context logs warnings and returns nil instead of placeholder text - context collection skips nil contexts (including recursive AGENTS.md parsing and directory expansions), preventing nil/“File not found” from reaching the prompt - prompt metadata clarifies AGENTS.md as “Primary System Directives & Coding Standards”
zikajk
force-pushed
the
improve-context-handling
branch
from
59d7a43 to
9b4fc9d
Compare
When users include @some-file in prompts (or inside AGENTS.md), missing/unreadable files used to inject placeholder strings like “File not found” into the model context, creating pure noise and risking downstream issues.
This change makes missing/unreadable file contexts a no-op:
llm-api/refine-file-context logs warnings and returns nil instead of placeholder text
context collection skips nil contexts (including recursive AGENTS.md parsing and directory expansions), preventing nil/“File not found” from reaching the prompt
prompt metadata clarifies AGENTS.md as “Primary System Directives & Coding Standards”
I added a entry in changelog under unreleased section.