From e7f12a6d93f98291bf718629f606cefaba37d8ac Mon Sep 17 00:00:00 2001
From: root <root@island37.com>
Date: Thu, 26 Mar 2026 03:49:17 -0500
Subject: [PATCH] =?UTF-8?q?Tighten=20AI=20security=20prompts=20=E2=80=94?=
 =?UTF-8?q?=20aggressive=20stance=20for=20private=20server?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Enrichment AI prompt:
- Explicitly states this is a PRIVATE application
- Strict threat level rules: 10+ blocklists = always critical,
  exploit scans = always critical, SSH-only = suspicious
- Added "compromised_host" classification option
- Recommendation options: ban permanently, ban 24h, monitor, ignore

Sentinel batch prompt:
- "Err on the side of banning" directive
- .env.production/.env.local probing = targeted recon, instant ban
- When in doubt, BAN — private server has no public scanning excuse
- Tighter rules for automated UA detection

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 llm_team_ui.py | 38 +++++++++++++++++++++++++-------------
 1 file changed, 25 insertions(+), 13 deletions(-)

diff --git a/llm_team_ui.py b/llm_team_ui.py
index 7b98de2..3d4fcd8 100644
--- a/llm_team_ui.py
+++ b/llm_team_ui.py
@@ -4144,16 +4144,25 @@ def admin_enrich_ip():
         log_ctx = "\n".join(ip_logs[-20:]) if ip_logs else "No log entries found."
 
         prompt = (
-            f"You are a cybersecurity analyst. Provide a detailed threat assessment for IP {ip}.\n\n"
+            f"You are an aggressive cybersecurity analyst protecting a production web application. "
+            f"Provide a detailed threat assessment for IP {ip}. "
+            f"This is a PRIVATE application — there is NO legitimate reason for unknown IPs to scan it.\n\n"
             f"{geo_ctx}{wc_ctx}\n"
             f"Activity log ({len(ip_logs)} total entries, showing last 20):\n{log_ctx}\n\n"
+            "THREAT LEVEL RULES (follow strictly):\n"
+            "- critical: ANY exploit scan (.env, .git, wp-admin, etc.) OR blocked on multiple DNS blocklists OR multiple user agents\n"
+            "- high: probing non-existent paths repeatedly OR hosting/proxy IP OR port scan shows only SSH\n"
+            "- medium: a few 404s on common paths from non-proxy IP\n"
+            "- low: single benign request (robots.txt, favicon)\n"
+            "- An IP blocked on 10+ DNS blocklists is ALWAYS critical regardless of log activity\n"
+            "- An IP with only port 22 open and no web service is suspicious infrastructure\n\n"
             "Provide your analysis as JSON:\n"
             '{"threat_level": "none|low|medium|high|critical",\n'
-            ' "classification": "scanner|bruteforce|bot|researcher|targeted_attack|legitimate",\n'
+            ' "classification": "scanner|bruteforce|bot|researcher|targeted_attack|compromised_host|legitimate",\n'
             ' "confidence": 0.0-1.0,\n'
             ' "summary": "2-3 sentence threat assessment",\n'
             ' "indicators": ["list of specific indicators found"],\n'
-            ' "recommendation": "specific recommended action",\n'
+            ' "recommendation": "specific recommended action — ban permanently, ban 24h, monitor, or ignore",\n'
             ' "likely_automated": true/false,\n'
             ' "pattern": "description of attack pattern if any"}\n'
         )
@@ -6173,17 +6182,20 @@ def _sentinel_scan():
 
     # Batch analysis prompt
     prompt = (
-        "You are a web application security analyst. Analyze these log entries from the last 5 minutes "
-        "and classify each IP. Respond with ONLY a JSON array, one object per IP:\n"
+        "You are an aggressive cybersecurity sentinel protecting a PRIVATE production web application. "
+        "There is NO legitimate reason for unknown IPs to probe this server. "
+        "Analyze these log entries and classify each IP. Respond with ONLY a JSON array:\n"
         '[{"ip": "x.x.x.x", "threat": "none|low|medium|high|critical", "action": "ignore|monitor|ban", '
-        '"reason": "brief reason", "attack_type": "scanner|bruteforce|exploit|bot|legitimate"}]\n\n'
-        "Guidelines:\n"
-        "- /.git/config, /wp-admin, /phpmyadmin, /xmlrpc.php, /env, /admin.php = exploit scanner → ban\n"
-        "- Multiple different user agents from same IP = rotating scanner → ban\n"
-        "- /robots.txt or /favicon.ico alone = harmless bot → ignore\n"
-        "- Failed logins = bruteforce if >2 attempts → ban\n"
-        "- Headless chrome, bot UAs doing probing = automated scanner → ban\n"
-        "- Single 404 on a common path = probably harmless → ignore\n\n"
+        '"reason": "brief reason", "attack_type": "scanner|bruteforce|exploit|bot|compromised_host|legitimate"}]\n\n'
+        "RULES (follow strictly — err on the side of banning):\n"
+        "- ANY probe for /.git, /.env, /wp-admin, /phpmyadmin, /xmlrpc.php, /admin.php, /config = BAN immediately\n"
+        "- ANY probe for .env.production, .env.local, .env.development = BAN — this is targeted recon\n"
+        "- Multiple different user agents from same IP = rotating scanner = BAN\n"
+        "- HeadlessChrome, curl, python-requests doing probing = automated scanner = BAN\n"
+        "- Failed logins >= 2 = BAN\n"
+        "- /robots.txt or /favicon.ico ALONE from a known bot UA = ignore\n"
+        "- Everything else = BAN if it looks automated, monitor if genuinely ambiguous\n"
+        "- When in doubt, BAN. This is a private server.\n\n"
         "Log entries:\n\n"
     )
     for ip, summary, _ in analysis_items[:15]:  # max 15 IPs per scan