ktg-plugin-marketplace

open/ktg-plugin-marketplace

Fork 0

Commit graph

Author	SHA1	Message	Date
Kjell Tore Guttormsen	911871ff53	fix(linkedin-studio): ship placeholder voice profile, gitignore real, sentinel detection Wave 2 / Step 5 of the remediation plan (coupled criticals: voice-leak + placeholder-detection). Voice profile (the adopter-default leak): - Ship a PII-free placeholder at authentic-voice-samples.md carrying a <!-- VOICE_PLACEHOLDER --> sentinel + neutral default voice principles. - Migrate the author's real profile to gitignored authentic-voice-samples.local.md (already matched by *.local.md; added an explicit, commented .gitignore entry so the intent is unmissable). NO git-history rewrite — the historical file is attributed authorship, not a secret (per the plan threat model). - Add authentic-voice-samples.template.md — a clean fill-in template for adopters. - personalization-score.mjs: detect the sentinel (deterministic) instead of the unreliable `[Your Name]` heuristic, so the placeholder scores 0 voice points and a populated profile (sentinel removed) earns the 25. - Both voice writers replace-not-append on the placeholder: setup.md (merge -> replace-if-placeholder) and onboarding.md (append -> replace-if-placeholder), so populating removes the sentinel; updated setup.md's stale heuristic table. Operator decisions (deviations from plan-literal, approved this session): - KEEP the plugin.json author name. The plan said scrub author -> neutral/org, but that contradicts its own LICENSE reasoning (intentional MIT attribution) and all 5 sibling plugins keep author = the author; scrubbing only this one would create inconsistency for zero security gain (the name is public-by-design). The voice placeholder fully fixes the adopter-inheritance bug. - Scrub the stale "January 2026 360Brew" brand from the plugin.json description and the "360brew" keyword (locked decision: no publishable model name/date). This is a Wave-1 propagation miss surfaced here because plugin.json was in Step 5's touch-scope. Flagged for follow-up (NOT done here — out of Session 2 scope): - The lint's stat-consistency grep (scripts/test-runner.sh) scans references/, commands/, skills/, hooks/prompts/, CLAUDE.md, README.md — but NOT .claude-plugin/plugin.json, which is why the 360Brew brand slipped Wave 1. Needs a Session-1-scoped lint extension to add plugin.json to the scan set. - Readers (user-prompt-context.mjs, voice-guardian.md, state-update-reminder.md) read the tracked .md (placeholder), per the plan. The operator's real voice now lives in the gitignored .local.md, which nothing reads. To use it, readers + the voice score should prefer .local.md (matching the user-profile.local.md precedent). Deferred as a coherence follow-up for operator review. Test-first: hooks/scripts/__tests__/personalization-score.test.mjs (red on the placeholder scoring 25 under the old heuristic, green after the sentinel fix). Hook suite 62/62, structural lint 0 failed. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-05-30 00:23:32 +02:00

Author

SHA1

Message

Date

Kjell Tore Guttormsen

911871ff53

fix(linkedin-studio): ship placeholder voice profile, gitignore real, sentinel detection

Wave 2 / Step 5 of the remediation plan (coupled criticals: voice-leak +
placeholder-detection).

Voice profile (the adopter-default leak):
- Ship a PII-free placeholder at authentic-voice-samples.md carrying a
  <!-- VOICE_PLACEHOLDER --> sentinel + neutral default voice principles.
- Migrate the author's real profile to gitignored authentic-voice-samples.local.md
  (already matched by *.local.md; added an explicit, commented .gitignore entry so
  the intent is unmissable). NO git-history rewrite — the historical file is
  attributed authorship, not a secret (per the plan threat model).
- Add authentic-voice-samples.template.md — a clean fill-in template for adopters.
- personalization-score.mjs: detect the sentinel (deterministic) instead of the
  unreliable `[Your Name]` heuristic, so the placeholder scores 0 voice points and
  a populated profile (sentinel removed) earns the 25.
- Both voice writers replace-not-append on the placeholder: setup.md (merge ->
  replace-if-placeholder) and onboarding.md (append -> replace-if-placeholder), so
  populating removes the sentinel; updated setup.md's stale heuristic table.

Operator decisions (deviations from plan-literal, approved this session):
- KEEP the plugin.json author name. The plan said scrub author -> neutral/org, but
  that contradicts its own LICENSE reasoning (intentional MIT attribution) and all
  5 sibling plugins keep author = the author; scrubbing only this one would create
  inconsistency for zero security gain (the name is public-by-design). The voice
  placeholder fully fixes the adopter-inheritance bug.
- Scrub the stale "January 2026 360Brew" brand from the plugin.json description and
  the "360brew" keyword (locked decision: no publishable model name/date). This is
  a Wave-1 propagation miss surfaced here because plugin.json was in Step 5's
  touch-scope.

Flagged for follow-up (NOT done here — out of Session 2 scope):
- The lint's stat-consistency grep (scripts/test-runner.sh) scans references/,
  commands/, skills/, hooks/prompts/, CLAUDE.md, README.md — but NOT
  .claude-plugin/plugin.json, which is why the 360Brew brand slipped Wave 1.
  Needs a Session-1-scoped lint extension to add plugin.json to the scan set.
- Readers (user-prompt-context.mjs, voice-guardian.md, state-update-reminder.md)
  read the tracked .md (placeholder), per the plan. The operator's real voice now
  lives in the gitignored .local.md, which nothing reads. To use it, readers + the
  voice score should prefer .local.md (matching the user-profile.local.md
  precedent). Deferred as a coherence follow-up for operator review.

Test-first: hooks/scripts/__tests__/personalization-score.test.mjs (red on the
placeholder scoring 25 under the old heuristic, green after the sentinel fix). Hook
suite 62/62, structural lint 0 failed.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

2026-05-30 00:23:32 +02:00

1 commit