追加 reviewer 发现,请纳入你的后端实作范围:

Metadata

  • Stable ID: codex-user-prompt:1ca6f85b01aa68b2
  • Source kind: codex-session-user
  • Category: research-workflow
  • Timestamp: 2026-05-12T19:38:05.585Z
  • Semantic hash: 1ca6f85b01aa68b27dad0d52bded3dccec4c1262598606fe58234e813f60b145
  • Public handling: selected full-text prompt with secret filtering.

Prompt Text

追加 reviewer 发现,请纳入你的后端实作范围:
P0: AUTH_MODE=token 目前不保护 mutating API。请实现后端 auth dependency:当 settings.auth_mode != disabled 时,所有 mutating routes(POST/PATCH/PUT/DELETE,允许 /health/runtime/connectors/readiness 读操作)需要 Authorization header,否则 401。不要在 frontend 存 secrets;用 simple bearer presence baseline 即可,文档标明不是完整 RBAC。
P1: scheduler/report artifact id 碰撞;CLI rag ask 对 bad paper id 要非零/报错;ingest source invalid 不要静默 fallback arxiv;/evaluation/run RAG 全 0 命中不应 overall_status ok,可用 warning/degraded;readiness notifications.delivery_enabled 语义改成 false 或 provider_delivery_enabled false,避免和 preview 冲突。
继续保持后端/CLI/tests/docs 写入范围,不碰 frontend dashboard。

Reuse Notes

  • EXTRACTED: This is a selected Codex prompt or automation prompt from the local Codex corpus.
  • INFERRED: Future agents can reuse its structure, constraints, and acceptance criteria when creating similar Codex workflows.