# Security Compliance

**Session ID**: `phase25-session05-full-prompt-drawer-copy-briefings` **Reviewed**: 2026-06-08 16:00 **Status**: Complete

***

## Scope

This session projects existing typed `HermesMissionGoal.full_prompt` browser data into Mission Control cards, copy actions, and a goal detail sheet.

## Security Boundaries

* No new bridge endpoint is introduced.
* No mission write contract is changed.
* Tick and clear writes remain on the existing admin-gated hook path.
* Clipboard is the only new browser side effect.
* Browser feedback must not echo full prompts, tokens, auth headers, local paths, raw bridge errors, or secrets.

## Review Checklist

* [x] Prompt copy builders include the Mission Control no-self-tick guard.
* [x] Agent copy enforces `/goal` prefix safety.
* [x] Human briefing copy stays readable without exposing runtime secrets.
* [x] Clipboard failure uses bounded fallback feedback.
* [x] Detail sheet renders prompt text with bounded scrolling and wrapping.
* [x] Existing admin-gated writes remain unchanged.
* [x] Hermes and Claude Code behavior remains at contract parity.
* [x] Focused tests cover security-relevant behavior.

## Findings

No security findings.

## Verification

* Focused helper and Mission Control tests passed: 31 tests.
* `bun run typecheck` passed.
* `bun run lint` passed.
* Touched files passed ASCII and Unix LF checks.
* Browser overflow review passed for the live human sheet and the intercepted long agent prompt sheet at desktop and mobile widths.

