Prompt
Always preserve existing security constraints and validation mechanisms rather than weakening them for convenience or functionality. When modifying authentication, validation, or security-related code, ensure that the changes maintain or strengthen the security posture.
Key principles:
- Don’t bypass or weaken hash validation even when it seems unnecessary
- Maintain strict authentication precedence to prevent credential confusion
- Preserve security checks that prevent unauthorized access or data integrity issues
Example from hash validation:
# Good: Maintain strict validation
known_hashes = {f["hash"] for f in package.files if f["file"] == archive.name}
if known_hashes and archive_hash not in known_hashes:
# Still fails for security when no known hashes exist
# Bad: Weakening the constraint
if archive_hash not in known_hashes: # Passes when known_hashes is empty
When in doubt about whether a security constraint is necessary, err on the side of maintaining it unless there’s clear evidence it’s safe to remove.