fix: prevent bypassing .rooignore restrictions via terminal commands

- Updated error message when files are blocked by .rooignore to explicitly warn against using terminal commands to bypass restrictions
- Added clear instructions in .rooignore system prompt to not attempt bypassing restrictions
- Updated tests to verify the new warning messages are included

Fixes #7204

Author: roomote

src/core/ignore/RooIgnoreController.ts

@@ -196,6 +196,6 @@ export class RooIgnoreController {
 			return undefined
 		}
 
-		return `# .rooignore\n\n(The following is provided by a root-level .rooignore file where the user has specified files and directories that should not be accessed. When using list_files, you'll notice a ${LOCK_TEXT_SYMBOL} next to files that are blocked. Attempting to access the file's contents e.g. through read_file will result in an error.)\n\n${this.rooIgnoreContent}\n.rooignore`
+		return `# .rooignore\n\n(The following is provided by a root-level .rooignore file where the user has specified files and directories that should not be accessed. When using list_files, you'll notice a ${LOCK_TEXT_SYMBOL} next to files that are blocked. Attempting to access the file's contents e.g. through read_file will result in an error. IMPORTANT: Do NOT attempt to bypass these restrictions by using terminal commands to read the file contents - this violates the user's explicit access restrictions.)\n\n${this.rooIgnoreContent}\n.rooignore`
 	}
 }

src/core/ignore/__tests__/RooIgnoreController.spec.ts

@@ -368,6 +368,7 @@ describe("RooIgnoreController", () => {
 			// Verify instruction format
 			expect(instructions).toContain("# .rooignore")
 			expect(instructions).toContain(LOCK_TEXT_SYMBOL)
+			expect(instructions).toContain("Do NOT attempt to bypass these restrictions by using terminal commands")
 			expect(instructions).toContain("node_modules")
 			expect(instructions).toContain(".git")
 			expect(instructions).toContain("secrets/**")

src/core/prompts/__tests__/responses-rooignore.spec.ts

@@ -55,6 +55,7 @@ describe("RooIgnore Response Formatting", () => {
 			expect(errorMessage).toContain("Access to secrets/api-keys.json is blocked by the .rooignore file settings")
 			expect(errorMessage).toContain("continue in the task without using this file")
 			expect(errorMessage).toContain("ask the user to update the .rooignore file")
+			expect(errorMessage).toContain("Do NOT attempt to bypass this restriction by using terminal commands")
 		})
 
 		/**
@@ -220,6 +221,7 @@ describe("RooIgnore Response Formatting", () => {
 			// Verify format and content
 			expect(instructions).toContain("# .rooignore")
 			expect(instructions).toContain(LOCK_TEXT_SYMBOL)
+			expect(instructions).toContain("Do NOT attempt to bypass these restrictions by using terminal commands")
 			expect(instructions).toContain("node_modules")
 			expect(instructions).toContain(".git")
 			expect(instructions).toContain("secrets/**")

src/core/prompts/responses.ts

@@ -16,7 +16,7 @@ export const formatResponse = {
 	toolError: (error?: string) => `The tool execution failed with the following error:\n<error>\n${error}\n</error>`,
 
 	rooIgnoreError: (path: string) =>
-		`Access to ${path} is blocked by the .rooignore file settings. You must try to continue in the task without using this file, or ask the user to update the .rooignore file.`,
+		`Access to ${path} is blocked by the .rooignore file settings. You must try to continue in the task without using this file, or ask the user to update the .rooignore file. IMPORTANT: Do NOT attempt to bypass this restriction by using terminal commands (like cat, head, tail, etc.) to read the file contents - this violates the user's explicit access restrictions.`,
 
 	noToolsUsed: () =>
 		`[ERROR] You did not use a tool in your previous response! Please retry with a tool use.

src/core/tools/__tests__/readFileTool.spec.ts

@@ -96,7 +96,7 @@ vi.mock("../../prompts/responses", () => ({
 		),
 		rooIgnoreError: vi.fn(
 			(path: string) =>
-				`Access to ${path} is blocked by the .rooignore file settings. You must try to continue in the task without using this file, or ask the user to update the .rooignore file.`,
+				`Access to ${path} is blocked by the .rooignore file settings. You must try to continue in the task without using this file, or ask the user to update the .rooignore file. IMPORTANT: Do NOT attempt to bypass this restriction by using terminal commands (like cat, head, tail, etc.) to read the file contents - this violates the user's explicit access restrictions.`,
 		),
 		toolResult: toolResultMock,
 		imageBlocks: imageBlocksMock,
@@ -1322,7 +1322,7 @@ describe("read_file tool XML output structure", () => {
 
 			// Verify
 			expect(result).toBe(
-				`<files>\n<file><path>${testFilePath}</path><error>Access to ${testFilePath} is blocked by the .rooignore file settings. You must try to continue in the task without using this file, or ask the user to update the .rooignore file.</error></file>\n</files>`,
+				`<files>\n<file><path>${testFilePath}</path><error>Access to ${testFilePath} is blocked by the .rooignore file settings. You must try to continue in the task without using this file, or ask the user to update the .rooignore file. IMPORTANT: Do NOT attempt to bypass this restriction by using terminal commands (like cat, head, tail, etc.) to read the file contents - this violates the user's explicit access restrictions.</error></file>\n</files>`,
 			)
 		})
 	})