1sbang ↗ analysis ↗ GitHub 1sbang/mike
1sbang's fork exists to harden Mike's system prompt: refuse leaks, protect personal data, resist tool misuse.
This is a security workshop, not a product fork. 1sbang isn't rebranding Mike or steering it toward a niche; the fork's main line matches upstream exactly, and anyone who ran it would get stock Mike. The substance sits in the proposals 1sbang has been pushing back toward the original project.
All four tracked threads circle one problem: the questions a legal assistant should decline to answer. The proposed rewrite of Mike's ground rules teaches it to refuse revealing its own setup, to decline handing over personal data, and to resist being talked into bulk data grabs through its tools. It also reframes refusals around what the requester is actually trying to do, so the assistant turns down bad-faith requests instead of pattern-matching keywords. The most rigorous round ran 330 attack probes against Mike's baseline prompt, found three concrete gaps, and fixed them. That proposal closed unmerged 90 seconds after opening, but the work and its validation artifacts are still published.
So the direction is narrow and clear: safety hardening offered upstream, so far without a taker. Nothing has moved since early May. If you care about how a legal AI assistant gets adversarially tested, the fork is worth a click; if you're shopping for a Mike variant to deploy, there's no divergence here to evaluate.
What's in it
- Prompt-leak refusals Mike declines to reveal its own setup and instructions, even when the request is dressed up as something innocent.
- PII and bulk-data guardrails Blocks attempts to extract personal data through conversation or to use Mike's tools for sweeping data grabs.
- Intent-based refusals Ground rules rewritten around what the requester is trying to accomplish, so Mike stops helping with requests it should turn down.
- Adversarial validation One proposal was tested with 330 attack probes against the baseline prompt, surfacing three concrete gaps before the fix was submitted.
Direction
security
Activity
1sbang ↗ analysis ↗ GitHub 1sbang ↗ analysis ↗ GitHub 1sbang ↗ analysis ↗ GitHub Threads of work (detailed view)
1sbang tries to teach Mike when to refuse
A security-only proposal that rewrites Mike's ground rules around intent, so it stops helping with requests it should turn down.
1sbang hardens Mike against the questions it shouldn't answer
A prompt-only rewrite that teaches the legal assistant to refuse leaking its own setup, handing over personal data, or being talked into bulk data grabs.
System prompt hardening: PII refusals, tool misuse guardrails, prompt confidentiality
@1sbang ran 330 attack probes against Mike's baseline prompt and found three gaps worth fixing in a legal AI context. The resulting change is 35 lines added to `chatTools.ts` - no tool or routing changes, just prompt text.
1sbang tries to teach Mike to keep its mouth shut
A security proposal that hardens Mike's ground rules against being talked into a leak, tested but closed before it could land.
1sbang adds adversarially-tested system prompt guardrails for PII and tool misuse
@1sbang ran 330 attack probes against Mike's baseline system prompt, found three concrete gaps, and submitted a fix. The PR closed unmerged 90 seconds after opening, but the work and validation artifacts are on the branch.
Pull requests (detailed view)
⛔ Closed without merge (4)
#38 Security hardening: system prompt confidentiality, PII boundaries, and tool use guardrails 1sbang · opened 2mo ago · closed 2mo ago #38 Security hardening: system prompt confidentiality, PII boundaries, and tool use guardrails 1sbang · opened 2mo ago · closed 2mo ago #37 Security hardening: system prompt confidentiality, PII boundaries, and tool use guardrails 1sbang · opened 2mo ago · closed 2mo ago #37 Security hardening: system prompt confidentiality, PII boundaries, and tool use guardrails 1sbang · opened 2mo ago · closed 2mo ago