|
| 1 | +# AGENTS.md |
| 2 | + |
| 3 | +This file is the source of truth for coding-agent instructions in this repository. |
| 4 | + |
| 5 | +## General Agent Guidance |
| 6 | + |
| 7 | +- Follow existing repository instructions first. |
| 8 | +- Preserve existing `AGENTS.md`, `CLAUDE.md`, README, CI, release, and owner guidance. |
| 9 | +- Do not overwrite repository-specific conventions with generic defaults. |
| 10 | + |
| 11 | +## Safety Rules |
| 12 | + |
| 13 | +- Do not make destructive or irreversible changes without explicit approval. |
| 14 | +- Do not bypass branch protection, required checks, required reviewers, scanners, or tests. |
| 15 | +- Do not force-push to protected branches or someone else's branch. |
| 16 | +- Do not commit secrets, tokens, credentials, customer data, or private keys. |
| 17 | +- Do not weaken authentication, authorization, IAM/RBAC, TLS, crypto, network exposure, or data-access controls without explicit approval. |
| 18 | +- Do not disable TLS verification except in clearly dev-only code with a written rationale. |
| 19 | +- Do not log secrets, auth headers, cookies, payment data, or customer PII. |
| 20 | +- Use synthetic test data; do not add real customer data to tests, fixtures, or seed files. |
| 21 | + |
| 22 | +## Review And Escalation |
| 23 | + |
| 24 | +Stop and ask before changing: |
| 25 | + |
| 26 | +- production data, infra, deploy, or config |
| 27 | +- secrets, auth, IAM, network exposure, or crypto |
| 28 | +- public APIs or compatibility-sensitive behavior |
| 29 | +- dependency/security scanner configuration |
| 30 | +- anything destructive or hard to roll back |
| 31 | + |
| 32 | +<!-- Add repository-specific coding-agent instructions below this line. --> |
0 commit comments