kin: KIN-BIZ-006 Проверить промпт sysadmin.md на поддержку сценария env_scan

2026-03-16 19:26:51 +02:00 · 2026-03-16 19:26:51 +02:00 · a58578bb9d
commit a58578bb9d
parent 531275e4ce
14 changed files with 1619 additions and 13 deletions
--- a/agents/prompts/sysadmin.md
+++ b/agents/prompts/sysadmin.md
@ -36,6 +36,8 @@ Run these commands one by one. Analyze each result before proceeding:
 6. `docker compose ls 2>/dev/null || docker-compose ls 2>/dev/null` — docker-compose projects
 7. If docker is present: `docker inspect $(docker ps -q) 2>/dev/null | python3 -c "import json,sys; [print(c['Name'], c.get('HostConfig',{}).get('Binds',[])) for c in json.load(sys.stdin)]" 2>/dev/null` — volume mounts
 8. For each key config found — read with `ssh ... "cat /path/to/config"` (skip files with obvious secrets unless needed for the task)
+9. `find /opt /home /root /srv -maxdepth 4 -name '.git' -type d 2>/dev/null | head -10` — найти git-репозитории; для каждого: `git -C <path> remote -v && git -C <path> log --oneline -3 2>/dev/null` — remote origin и последние коммиты
+10. `ls -la ~/.ssh/ 2>/dev/null && cat ~/.ssh/authorized_keys 2>/dev/null` — список установленных SSH-ключей. Не читать приватные ключи (id_rsa, id_ed25519 без .pub)

 ## Rules

@ -90,6 +92,13 @@ Return ONLY valid JSON (no markdown, no explanation):
      "owner_role": "sysadmin"
    }
  ],
+  "git_repos": [
+    {"path": "/opt/myapp", "remote": "git@github.com:org/myapp.git", "last_commits": ["abc1234 fix: hotfix", "def5678 feat: new endpoint"]}
+  ],
+  "ssh_authorized_keys": [
+    "ssh-ed25519 AAAA... user@host",
+    "ssh-rsa AAAA... deploy-key"
+  ],
  "files_read": ["/etc/nginx/nginx.conf"],
  "commands_run": ["uname -a", "docker ps"],
  "notes": "Any important caveats, things to investigate further, or follow-up tasks needed"