Summary
Create a remediation cookbook that shows developers exactly how to fix the most common g0 findings, with framework-specific before/after code examples.
Motivation
g0 findings include a "Fix" line with generic guidance, but developers need concrete code examples. When a developer sees "Shared memory between users [AA-DL-046]", they need to see the exact code change for their framework, not just "Isolate memory per user_id."
Proposed Content
Structure
For each of the top 20 most common findings:
- Rule ID and description — what's wrong and why it matters
- Risk — real-world attack scenario (1-2 sentences)
- Before — vulnerable code snippet (per framework)
- After — fixed code snippet (per framework)
- Why this works — brief explanation of the fix
- Standards — which compliance requirements this addresses
Top 20 Findings to Cover
Goal Integrity
1. AA-GI-001 — System prompt has no scope boundaries
2. AA-GI-002 — No role definition in agent instructions
3. AA-GI-010 — Missing behavioral constraints
Tool Safety
4. AA-TS-002 — Database tool without input validation
5. AA-TS-003 — Shell execution tool without sanitization
6. AA-TS-010 — Tool with overly broad permissions
Data Leakage
7. AA-DL-046 — Shared memory between users
8. AA-DL-001 — PII in agent responses without masking
9. AA-DL-050 — Logging contains sensitive data
Supply Chain
10. AA-SC-001 — MCP server without version pinning
11. AA-SC-010 — Hardcoded credentials in MCP config
12. AA-SC-020 — Unverified skill/tool source
Memory & Context
13. AA-MP-001 — No context window limits
14. AA-MP-010 — Memory persists across sessions without cleanup
Identity & Access
15. AA-IA-001 — No authentication on agent endpoint
16. AA-IA-010 — Missing rate limiting
Human Oversight
17. AA-HO-001 — No human approval for high-risk actions
18. AA-HO-010 — Missing audit trail
Code Execution
19. AA-CE-001 — Unsandboxed code execution
20. AA-CE-010 — No output validation from code execution
Framework Coverage Per Finding
- Python (LangChain, CrewAI, OpenAI SDK)
- TypeScript (Vercel AI, MCP, OpenAI SDK)
- Java (LangChain4j, Spring AI)
- Go (Go AI patterns)
File to Create
docs/remediation-cookbook.md
- Link from docs/README.md, getting-started.md, and rules.md
Acceptance Criteria