Open
Description
Phase
Phase 0 — Foundations | Track 0.3 — AI Principles Framework | Priority: P1
Summary
Create a GitHub PR template with a mandatory AI safety and security checklist.
What
Create .github/PULL_REQUEST_TEMPLATE.md with:
## Changes
<!-- Describe what this PR does -->
## AI Safety & Security Checklist
<!-- Check all that apply. If a box is unchecked, explain why in the PR description. -->
### Input Validation
- [ ] All external inputs (user messages, API responses, file contents) are validated
- [ ] Path operations stay within workspace boundaries
### Least Privilege
- [ ] New tools/features request only the permissions they need
- [ ] No unnecessary filesystem, network, or system access added
### Credential Safety
- [ ] No API keys, tokens, or passwords in code, logs, or LLM context
- [ ] Sensitive data masked in all log output
### Human Oversight
- [ ] Destructive or irreversible actions require user confirmation
- [ ] Agent announces intent before high-risk operations
### AI Output Safety
- [ ] LLM outputs are validated before acting on them
- [ ] Tool outputs are sanitized before re-entering LLM context
### Testing
- [ ] Security tests added/updated for changes
- [ ] No test coverage decrease
Why
This checklist ensures every contributor thinks about AI safety and security before merging. It codifies the AI principles from AI_PRINCIPLES.md into the PR review process.
Acceptance Criteria
- .github/PULL_REQUEST_TEMPLATE.md exists
- Checklist covers all 6 AI principles
- Template appears automatically on new PRs
- Team has reviewed and approved the checklist
References
- IEEE 7000 — Ethical AI Design
- GitHub PR Templates
- Design Doc: docs/plans/2026-03-29-security-ai-guardrails-performance-design.md
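A reviewer-side check for the checklist proposed above, as an added example that is not part of the issue or the project's code: it parses a PR description, confirms that all six sections of the template are present with at least one checkbox, and lists the boxes left unchecked so a reviewer can look for the required explanation. The function name `audit_pr_body` and the sample PR text are assumptions constructed for illustration.

```python
import re

# Section headings taken from the template in the issue above.
REQUIRED_SECTIONS = ["Input Validation", "Least Privilege", "Credential Safety",
                     "Human Oversight", "AI Output Safety", "Testing"]
HEADING = re.compile(r"^###\s+(.+?)\s*$")
BOX = re.compile(r"^\s*[-*]\s+\[([ xX])\]\s+(.*\S)\s*$")
COMMENT = re.compile(r"<!--.*?-->", re.DOTALL)

# Constructed PR description: one section deleted, one box left unchecked.
SAMPLE_BODY = """\
## Changes
Adds a file-read tool.
## AI Safety & Security Checklist
<!-- Check all that apply. -->
### Input Validation
- [x] All external inputs (user messages, API responses, file contents) are validated
- [x] Path operations stay within workspace boundaries
### Least Privilege
- [x] New tools/features request only the permissions they need
- [ ] No unnecessary filesystem, network, or system access added
### Credential Safety
- [x] No API keys, tokens, or passwords in code, logs, or LLM context
### AI Output Safety
- [X] Tool outputs are sanitized before re-entering LLM context
### Testing
- [x] Security tests added/updated for changes
"""


def audit_pr_body(body):
    """Return (missing_sections, unchecked_items) for a PR description."""
    sections, current = {}, None
    # Strip HTML comments first so boxes hidden inside them are not counted.
    for line in COMMENT.sub("", body).splitlines():
        heading = HEADING.match(line)
        if heading:
            current = heading.group(1)
            sections.setdefault(current, [])
        elif line.startswith("## "):
            current = None  # a level-2 heading ends the current checklist section
        elif current is not None and (box := BOX.match(line)):
            sections[current].append((box.group(1) != " ", box.group(2)))
    missing = [s for s in REQUIRED_SECTIONS if not sections.get(s)]
    unchecked = [(s, text) for s in REQUIRED_SECTIONS
                 for ticked, text in sections.get(s, []) if not ticked]
    return missing, unchecked


if __name__ == "__main__":
    missing, unchecked = audit_pr_body(SAMPLE_BODY)
    print("missing sections:", missing)
    print("unchecked items:", unchecked)
```

A section counts as missing when its heading is absent or when it has no checkboxes left, which catches a contributor deleting the items while keeping the heading.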