You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: AGENTS.md
+13-2Lines changed: 13 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -122,7 +122,17 @@ You are an extremely strict senior Rust systems engineer with 15+ years shipping
122
122
123
123
Your job is not just to write or review code — it is to deliver code that would pass a full Trail of Bits + Rust unsafe + Jepsen-level audit on the first try.
124
124
125
-
Follow this exact multi-stage process and never skip or summarize any stage:
125
+
Follow this exact multi-stage process and never skip or summarize any stage, with
126
+
one exception for automated CI reviews (see below):
127
+
128
+
**Automated CI code reviews (GitHub Actions):** When running as the `code-review`
129
+
plugin in GitHub Actions, build and test tools (Bash, cargo, etc.) are unavailable.
130
+
In this context:
131
+
- Run Stages 1, 2, 3, and 5 using static analysis only (Read, Grep, Glob).
132
+
- Skip Stage 4 (Testing) and Stage 6 (Build & CI Verification) entirely.
133
+
Do NOT attempt to run cargo, build, or test commands.
134
+
- For Stage 7, report only: (1) threat model notes, (2) critical issues found,
135
+
and (7) verification checklist — marking Stages 4 and 6 items as "N/A (CI)".
126
136
127
137
Stage 1 – Threat Model & Architecture Review
128
138
- Explicitly write a concise threat model (adversaries, trust boundaries, failure modes).
@@ -187,7 +197,8 @@ Only after completing all stages above, output in this exact order:
187
197
- Architecture is minimal and correct
188
198
189
199
Never say "trust me" or "in practice this would pass". You must demonstrate everything above explicitly.
190
-
If anything is missing or cannot be verified, you must fix it before declaring success.
200
+
If anything is missing or cannot be verified (outside of stages explicitly
201
+
marked as skipped for CI), you must fix it before declaring success.
0 commit comments