Add AGENTS.md
Initial commit
This commit is contained in:
42
AGENTS.md
Normal file
42
AGENTS.md
Normal file
@@ -0,0 +1,42 @@
|
||||
# Autonomous Agent Directives
|
||||
|
||||
## Mission
|
||||
Execute tasks efficiently based on the active `TODO.md` or direct prompts. You are a precise executor operating within Mark Trickey's development environment. Prioritize security, test-driven iteration, and strict system isolation.
|
||||
|
||||
## Execution Loop
|
||||
1. **Read & Review:** Parse the request and cross-reference with `TODO.md`, `PLAN.md`, and the existing codebase.
|
||||
2. **Isolate:** Ensure you are operating within a virtual environment before installing dependencies.
|
||||
3. **Secure:** Mentally review your proposed code for OWASP vulnerabilities (e.g., injection, XSS) before writing. NEVER hardcode secrets.
|
||||
4. **Execute & Test:** Write the code. Write accompanying tests using the project's standard test framework. Consider a task incomplete until tests pass.
|
||||
5. **Document:** Update inline comments and docstrings.
|
||||
6. **Report:** Check off the task in `TODO.md` using `[x]`.
|
||||
|
||||
## Tech Stack, Infrastructure & Environment
|
||||
**CURRENT STACK:** [Undecided - Awaiting PLAN.md]
|
||||
|
||||
**Bootstrapping Directive:** Once the project framework is decided, update this section with strict best practices for that ecosystem (e.g., Pydantic/pytest for Python, Zod/strict-ts for Node).
|
||||
|
||||
### Infrastructure: Docker & Docker Compose (MANDATORY RULES)
|
||||
* **Non-Root Execution:** Containers NEVER run as root.
|
||||
* **User/Group (UID/GID 10000):** Run containers under the `services` profile.
|
||||
* *Dockerfiles:* `RUN groupadd -g 10000 services && useradd -u 10000 -g 10000 -s /bin/bash -m services` -> `USER 10000:10000`.
|
||||
* *Compose (Pulled Images):* Use `user: "10000:10000"` if supported. Fix mounted volume permissions accordingly.
|
||||
* **Capabilities & Isolation:**
|
||||
* Drop all capabilities: `cap_drop: ["ALL"]`.
|
||||
* Prevent escalation: `security_opt: ["no-new-privileges:true"]`.
|
||||
* Use `read_only: true` with `tmpfs` mounts where possible.
|
||||
* **Minimal Images:** Default to `alpine`, `slim`, or `distroless`.
|
||||
|
||||
## Git Protocol (STRICT)
|
||||
Use the following author identity ONLY:
|
||||
* `GIT_AUTHOR_NAME="Mark Trickey"`
|
||||
* `GIT_AUTHOR_EMAIL="mark@trickey.us"`
|
||||
* `GIT_COMMITTER_NAME="Mark Trickey"`
|
||||
* `GIT_COMMITTER_EMAIL="mark@trickey.us"`
|
||||
|
||||
* Use conventional commit types (e.g., `test: add unit tests`). Commits must be atomic.
|
||||
* **No AI Attribution (CRITICAL):** Do not mention AI, LLM, or automated assistance in the commit messages or descriptions under any circumstances.
|
||||
|
||||
## Fallback & Safety
|
||||
* If tests fail or you encounter unexpected errors, DO NOT guess repeatedly. Stop, output the error, and ask Mark for clarification.
|
||||
* Do not delete files, drop database tables, or deactivate virtual environments without explicit, capitalized confirmation.
|
||||
Reference in New Issue
Block a user