
Remove XPIA prompt injection step and configuration #10085

Merged: pelikhan merged 6 commits into main from copilot/remove-xpia-prompt-step on Jan 15, 2026

Copilot AI commented Jan 15, 2026

Remove XPIA Prompt Insertion Step and Prompt File

This PR removes the XPIA (Cross-Prompt Injection Attack) security warning functionality from gh-aw workflows.

Summary of Changes

Removed Files:

  • actions/setup/md/xpia_prompt.md - XPIA security warning prompt file
  • pkg/workflow/xpia_test.go - XPIA-specific test file

Modified Files:

  • pkg/workflow/prompts.go - Removed generateXPIAPromptStep() function
  • pkg/workflow/compiler_yaml.go - Removed call to generate XPIA step
  • pkg/workflow/sh.go - Removed xpiaPromptFile constant
  • pkg/workflow/compiler_types.go - Removed SafetyPrompt field from WorkflowData
  • pkg/workflow/tools_types.go - Removed SafetyPrompt field from ToolsConfig
  • pkg/workflow/frontmatter_extraction_metadata.go - Removed extractSafetyPromptSetting()
  • pkg/workflow/compiler_orchestrator.go - Removed safety-prompt extraction and initialization
  • pkg/workflow/codex_engine.go - Removed SafetyPrompt field initialization
  • pkg/workflow/tools_parser.go - Removed parseSafetyPromptTool() and references
  • pkg/parser/schemas/main_workflow_schema.json - Removed safety-prompt schema definition
  • pkg/parser/schemas/included_file_schema.json - Removed safety-prompt schema definition
  • docs/src/content/docs/reference/frontmatter-full.md - Removed safety-prompt documentation
  • specs/layout.md - Removed xpia_prompt.md reference
  • All .lock.yml workflow files - Recompiled without XPIA step

Test Updates:

  • Removed XPIA-specific tests from temp_folder_test.go, importable_tools_test.go, prompt_step_test.go, and prompt_step_helper_test.go

Recent Updates

  • Merged main branch - Integrated latest changes from main
  • Recompiled workflows - All 123 workflows compiled successfully with updated binary

Validation Results

Build: Successfully compiled binary with embedded schemas
Recompile: All 123 workflow files compiled successfully
Format: All Go, JavaScript, and JSON files properly formatted
Lint: No linting issues detected
Tests: All XPIA-related tests removed; remaining test failures are pre-existing (confirmed on base commit)

Pre-existing Test Failures (Not Related to This PR)

The following tests were already failing on the base commit before these changes:

  • TestGenerateSafeOutputsConfig/create-agent-session_config
  • TestGenerateFilteredToolsJSON (multiple subtests)
  • TestGetSafeOutputsToolsJSON
  • Other unrelated tests in pkg/workflow

These failures are unrelated to XPIA removal and existed before this PR.

Original prompt

Remove XPIA prompt insertion step and prompt file.


Copilot AI and others added 4 commits January 15, 2026 14:35
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Remove XPIA prompt insertion step and prompt file" to "Remove XPIA prompt injection step and configuration" Jan 15, 2026
Copilot AI requested a review from pelikhan January 15, 2026 15:03
pelikhan marked this pull request as ready for review January 15, 2026 15:06

pelikhan commented

@copilot merge main, recompile

…rompt-step

# Conflicts:
#	.github/workflows/security-fix-pr.lock.yml

Copilot AI commented Jan 15, 2026

> @copilot merge main, recompile

Done. Merged main branch and recompiled all workflows. All 123 workflows compiled successfully. Commit: 139edd0

pelikhan merged commit 397f490 into main Jan 15, 2026
pelikhan deleted the copilot/remove-xpia-prompt-step branch January 15, 2026 15:59