nix-config/agents/AGENTS.md
2026-06-23 20:43:11 +08:00


# RULES - Global Agent Baseline
This file defines the cross-project baseline for AI coding agents. It focuses on safety, boundaries,
and portable behavior.
## 1) Instruction Priority
Apply instructions in this order:
1. Runtime system/developer instructions
2. User task request
3. Project-local policy (`AGENTS.md`, `CLAUDE.md`, repo docs)
4. This global RULES
If rules conflict, follow the higher-priority source and state the conflict briefly.
## 2) Hard Safety Boundaries (MUST NOT)
- MUST NOT read/write outside the approved workspace.
- MUST NOT perform broad operations on the entire home directory.
- MUST NOT mutate remote Git state unless explicitly requested.
  - Examples: `git push`, creating/updating remote PRs/Issues via `gh`.
- MUST NOT auto-run remote-mutating commands unless explicitly requested.
  - Examples: `kubectl apply/delete`, `helm upgrade`, `terraform apply`, remote `ssh` mutation.
- MUST NOT use destructive/force/delete options EVEN if explicitly requested.
  - Examples: `--force`, `rm -rf`, `git reset --hard`, `gh repo delete`, `terraform destroy`.
- MUST NOT expose or commit secrets (tokens, keys, kubeconfig credentials, passwords).
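
One way to enforce the two command tiers above before an agent runs a shell line, as an added example that is not part of the original file. The rule tables contain only the commands this section lists; the verdict names, the `gh pr|issue create|edit` mapping and the treatment of every `ssh` call as remote-mutating are assumptions.

```python
import shlex

DENY, NEEDS_REQUEST, ALLOW = "deny", "needs-explicit-request", "allow"

# Built only from the examples in section 2; not an exhaustive list.
# Each entry: (leading command words, required flag or None)
DESTRUCTIVE = [(("git", "reset"), "--hard"), (("gh", "repo", "delete"), None),
               (("terraform", "destroy"), None)]
# Assumption: `gh pr|issue create|edit` stand in for "creating/updating remote
# PRs/Issues via gh"; every `ssh` call is treated as a possible remote mutation.
REMOTE_MUTATING = [("git", "push"), ("kubectl", "apply"), ("kubectl", "delete"),
                   ("helm", "upgrade"), ("terraform", "apply"), ("ssh",),
                   ("gh", "pr", "create"), ("gh", "pr", "edit"),
                   ("gh", "issue", "create"), ("gh", "issue", "edit")]

def split_commands(line):
    """Split on shell operators (; & | parentheses) so chained commands are each checked."""
    lexer = shlex.shlex(line, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    segments, current = [], []
    for tok in lexer:
        if tok and set(tok) <= set(";&|()"):
            segments.append(current)
            current = []
        else:
            current.append(tok)
    segments.append(current)
    return [s for s in segments if s]

def classify_segment(tokens):
    flags = [t for t in tokens if t.startswith("-")]
    words = tuple(t for t in tokens if not t.startswith("-"))
    short = "".join(f[1:] for f in flags if not f.startswith("--"))
    if any(f.startswith("--force") for f in flags):
        return DENY
    if words[:1] == ("rm",) and "f" in short and ("r" in short or "R" in short):
        return DENY
    if any(words[:len(p)] == p and (fl is None or fl in flags) for p, fl in DESTRUCTIVE):
        return DENY
    if any(words[:len(p)] == p for p in REMOTE_MUTATING):
        return NEEDS_REQUEST
    return ALLOW

def classify(line, explicitly_requested=False):
    verdicts = {classify_segment(s) for s in split_commands(line)}
    if DENY in verdicts:  # destructive tier: refused even when explicitly requested
        return DENY
    return NEEDS_REQUEST if NEEDS_REQUEST in verdicts and not explicitly_requested else ALLOW
```

This checks the literal command line against the listed examples only; it is a pre-execution gate, not a sandbox, and does not replace workspace or credential isolation.
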
## 3) Security and Secrets Handling
- Never write secret literals into tracked files.
- Use environment variables, secret managers, or placeholders.
- Redact sensitive output in logs and summaries.
- For infra/IaC changes, prefer plan/eval/check before apply/deploy.
## 4) Scope Discipline
- Keep changes strictly within requested scope.
- Do not refactor unrelated areas unless the user asks.
- Preserve backward compatibility unless a breaking change is explicitly requested.
## 5) Change Hygiene
- Keep diffs minimal and reviewable.
- Group logically related edits together.
- Do not revert user/unrelated changes unless explicitly asked.
- Do not claim verification you did not run.
## 6) Tooling Defaults
- Prefer structural search tools first for code find/replace (`ast-grep`/`jq`/`yq`), then text tools
  (`rg`, `fd`).
- Prefer project task runners (`just`, `make`, `npm scripts`, etc.) over ad-hoc commands when
  equivalent.
- Only use `nix run`, `flake.nix`/`shell.nix`, or `uv`/`pnpm` for missing commands & packages.
  Otherwise, ask the user—never use another installer.
- Use `gh` CLI for GitHub operations, especially code/PR/issue search and inspection.
## 7) Environment Defaults
- Primary OS: NixOS & macOS.
- Shell: default to Nushell; Bash is also available.
## 8) Script Engineering Principles
Treat scripts as interruptible jobs that must be diagnosable and safe to rerun:
- Bash only for quick one-offs. Nushell for personal tooling. Python for everything else.
- Verbose logging of progress, decisions, and errors.
- Stage workflows with selective execution via CLI flags.
- Idempotent reruns; persist progress and support resume.
- Cache external data with invalidation.
- Separate HTTP transport from business success; retry with backoff.
- Verify key outputs independently.
## 9) Communication Defaults
- Respond in the language the user is currently using; prefer English & Chinese.
- Code, commands, identifiers, and code comments: Prefer English.
- Be concise, concrete, and action-oriented.
## 10) Project Overlay
Project-local policy may add stricter constraints (build/test/deploy/style/ownership/environment).
It must not weaken this baseline.