New security block is causing friction

[jcorbin]

As of recent update with the new src/security/suffix.rs piece, my agent is now frequently ignoring user prompts, and instead just replying with a quick "got it, I won't do that..." in response to the security reminder. Using glm-4.7-flash via ollama locally fwiw.

Thinking best about how to hack off the security block for now in my dev copy of the agent, but wanted to open this issue to discuss.

[yiwang]

will enforce end of sandwich security by default but provide a config option to disable it.

[jcorbin]

Awesome, ty for the config option relief valve!

A thought tho: what if the suffix message were a system rather than user role message?

So far at least, this patch is letting me keep the new security stuff on, and has not yet confused glm-4.7-flash fwiw:

diff --git a/src/agent/mod.rs b/src/agent/mod.rs
index 59490e3..8c40a50 100644
--- a/src/agent/mod.rs
+++ b/src/agent/mod.rs
@@ -314,7 +314,7 @@ impl Agent {
         // Only append if the block has content
         if !security_block.is_empty() {
             messages.push(Message {
-                role: Role::User,
+                role: Role::System,
                 content: security_block,
                 tool_calls: None,
                 tool_call_id: None,