Skip to content

Remove WIZARD_DOC_BASENAMES PII band-aid after warlock PII rules ship #531

Description

@sarahxsanders

Why

`src/lib/yara-hooks.ts` currently has a wizard-side suppression block (`WIZARD_DOC_BASENAMES`, `WIZARD_DOC_PATTERNS`, `isWizardDocumentationPath`) that drops `posthog_pii` matches when the file being written has one of a hardcoded set of basenames.

This was added by Edwin as a band-aid because the original `posthog_pii_in_capture_call` rule was too noisy — it fired on the agent verbatim-copying the user's existing capture calls into inventories or reports.

PostHog/warlock#33 replaces that single noisy rule with two new precision-tuned rules (`posthog_pii_in_person_properties`, `posthog_pii_value_in_tracking_call`). Once the wizard consumes those, the band-aid should go.

What needs to happen

  1. Confirm Joe's warlock chore: point user towards docs when they face an issue #33 is merged and released, and the wizard's pinned warlock SHA includes it.
  2. Re-run the events-audit, audit (doctor), and posthog-integration programs against representative test apps to verify the new rules don't fire on the wizard's own report/inventory writes.
  3. If clean, delete `WIZARD_DOC_BASENAMES`, `WIZARD_DOC_PATTERNS`, `isWizardDocumentationPath`, and the suppression block in the Write/Edit hook. Remove the matching imports from `@lib/programs/events-audit/constants` and `@lib/programs/posthog-integration/constants` if no other consumer remains.
  4. If the new rules still fire spuriously on wizard docs, don't restore the wizard-side band-aid — file a warlock issue describing the false positive instead. Detection layering belongs in warlock.

Related security finding (deferred, not lost)

The current basename-only check is spoofable: an agent under prompt-injection influence that's steered into writing real PII to a file named `.posthog-events.json` bypasses the PII detector. Removing the band-aid removes the bypass too.

Anchor in code

`src/lib/yara-hooks.ts:307` (basename set), `:317` (patterns), `:322` (predicate). There's a `TODO(warlock-npm):` comment at the suppression site flagging this cleanup.

🤖 Generated with Claude Code

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions