> For the complete documentation index, see [llms.txt](https://ai-os-and-trend-finder.gitbook.io/ai-os-and-trend-finder-docs/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://ai-os-and-trend-finder.gitbook.io/ai-os-and-trend-finder-docs/.spec_system/archive/sessions/phase40-session03-shared-redaction-foundation/tasks.md).

# Task Checklist

**Session ID**: `phase40-session03-shared-redaction-foundation` **Total Tasks**: 18 **Estimated Duration**: 3-4 hours **Created**: 2026-07-02

***

Legend: `[x]` completed; `[ ]` pending; `[P]` parallelizable; `[SNNMM]` session ref; `TNNN` task ID.

***

## Setup (2 tasks)

* [x] T001 \[S4003] Verify Session 01 and Session 02 handoff artifacts, current worktree status, and focused redaction owners (`.spec_system/specs/phase40-session01-baseline-and-port-invariants/IMPLEMENTATION_SUMMARY.md`)
* [x] T002 \[S4003] Run focused baseline sanitizer and Hermes bridge tests before edits (`bunx vitest run scripts/lib/__tests__/sanitize.test.ts scripts/lib/__tests__/hermes-admin-bridge.test.ts scripts/lib/__tests__/hermes-dev-bridge.test.ts`)

***

## Foundation (5 tasks)

* [x] T003 \[S4003] \[P] Add shared bridge-output redaction helpers with ANSI/CSI stripping and existing sanitize integration (`scripts/lib/sanitize.ts`)
* [x] T004 \[S4003] \[P] Add a narrow likely-secret detector for key/value secrets, token shapes, account/user/channel/chat IDs, and long opaque strings (`scripts/lib/sanitize.ts`)
* [x] T005 \[S4003] \[P] Add sanitizer tests for ANSI/CSI, home path variants, symlink-realpath-style homes, emails, key/value secrets, token shapes, account IDs, and opaque strings (`scripts/lib/__tests__/sanitize.test.ts`)
* [x] T006 \[S4003] \[P] Add sanitizer negative tests proving safe provider IDs, model IDs, MoA names, warning codes, and ordinary prose survive (`scripts/lib/__tests__/sanitize.test.ts`)
* [x] T007 \[S4003] Add upstream-style command, chat, MoA, YAML warning, and bridge failure fixtures for shared redaction coverage (`scripts/lib/__tests__/sanitize.test.ts`)

***

## Implementation (5 tasks)

* [x] T008 \[S4003] Replace Hermes admin command and chat output redaction with the shared bridge-output helper (`scripts/lib/hermes-admin-bridge.ts`)
* [x] T009 \[S4003] Replace Hermes admin persona/YAML secret warning detection with the shared likely-secret detector (`scripts/lib/hermes-admin-bridge.ts`)
* [x] T010 \[S4003] Add Hermes admin tests for command stdout/stderr, chat stream output, chat failure detail, and provider-auth detail redaction (`scripts/lib/__tests__/hermes-admin-bridge.test.ts`)
* [x] T011 \[S4003] Add Hermes admin tests for persona/YAML warning detection without model/provider false positives (`scripts/lib/__tests__/hermes-admin-bridge.test.ts`)
* [x] T012 \[S4003] Reuse the shared detector for Hermes dev bridge model/configured output safety without changing the public response shape (`scripts/lib/hermes-dev-bridge.ts`)

***

## Testing (6 tasks)

* [x] T013 \[S4003] Add or update Hermes dev bridge tests preserving Session 02 no-leak behavior and safe model/provider IDs (`scripts/lib/__tests__/hermes-dev-bridge.test.ts`)
* [x] T014 \[S4003] Run sanitizer unit tests (`bunx vitest run scripts/lib/__tests__/sanitize.test.ts`)
* [x] T015 \[S4003] Run focused Hermes admin and dev bridge tests (`bunx vitest run scripts/lib/__tests__/hermes-admin-bridge.test.ts scripts/lib/__tests__/hermes-dev-bridge.test.ts`)
* [x] T016 \[S4003] Run the focused Phase 40 shared-redaction suite (`bunx vitest run scripts/lib/__tests__/sanitize.test.ts scripts/lib/__tests__/hermes-admin-bridge.test.ts scripts/lib/__tests__/hermes-dev-bridge.test.ts`)
* [x] T017 \[S4003] Run script typecheck for modified bridge and sanitizer owners (`bun run typecheck:scripts`)
* [x] T018 \[S4003] Validate ASCII, LF, and diff whitespace requirements for session changes (`git diff --check`)

***

## Completion Checklist

* [x] All tasks marked `[x]`
* [x] All tests and checks passing
* [x] All files ASCII-encoded with LF line endings
* [x] implementation-notes.md updated
* [x] Ready for `creview` (next step in the implement -> creview -> validate sequence)

***

## Next Steps

Run the `creview` workflow step.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://ai-os-and-trend-finder.gitbook.io/ai-os-and-trend-finder-docs/.spec_system/archive/sessions/phase40-session03-shared-redaction-foundation/tasks.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
