starred/nix-config
1
0
Fork 0
mirror of https://github.com/ryan4yin/nix-config.git synced 2026-03-31 14:43:11 +02:00
Code Issues Packages Projects Releases 10 Wiki Activity
Files
c681e984a04bbddf9053f348bdba00f6a91bd3bc
nix-config/agents/AGENTS.md
Ryan Yin ee3e35872a docs: minor update
2026-03-21 22:55:57 +08:00

86 lines
3.4 KiB
Markdown
Raw Blame History

# RULES - Global Agent Baseline
This file defines the cross-project baseline for AI coding agents. It focuses on safety, boundaries,
and portable behavior.
## 1) Instruction Priority
Apply instructions in this order:
1. Runtime system/developer instructions
2. User task request
3. Project-local policy (`AGENTS.md`, `CLAUDE.md`, repo docs)
4. This global RULES
If rules conflict, follow the higher-priority source and state the conflict briefly.
## 2) Hard Safety Boundaries (MUST NOT)
- MUST NOT read/write outside the approved workspace.
- MUST NOT perform broad operations on the entire home directory.
- MUST NOT mutate remote Git state unless explicitly requested.
- Examples: `git push`, creating/updating remote PRs/Issues via `gh`.
- MUST NOT auto-run remote-mutating commands unless explicitly requested.
- Examples: `kubectl apply/delete`, `helm upgrade`, `terraform apply`, remote `ssh` mutation.
- MUST NOT use destructive/force/delete options EVEN if explicitly requested.
- Examples: `--force`, `rm -rf`, `git reset --hard`, `gh repo delete`, `terraform destroy`
- MUST NOT expose or commit secrets (tokens, keys, kubeconfig credentials, passwords).
## 3) Security and Secrets Handling
- Never write secret literals into tracked files.
- Use environment variables, secret managers, or placeholders.
- Redact sensitive output in logs and summaries.
- For infra/IaC changes, prefer plan/eval/check before apply/switch.
## 4) Scope Discipline
- Keep changes strictly within requested scope.
- Do not refactor unrelated areas unless user asks.
- Preserve backward compatibility unless a breaking change is explicitly requested.
## 5) Change Hygiene
- Keep diffs minimal and reviewable.
- Group logically related edits together.
- Do not revert user/unrelated changes unless explicitly asked.
- Do not claim verification you did not run.
## 6) Tooling Defaults
- Prefer structural search tools first for code find/replace (`ast-grep`/`jq`/`yq`), then text tools
(`rg`, `fd`).
- Prefer project task runners (`just`, `make`, `task`, `npm scripts`, etc.) over ad-hoc commands
when equivalent.
- If a required command is not already available, use only `nix run`, `flake.nix`/`shell.nix` or
`uv`/`pnpm` to provide it.
- If that is still insufficient, stop and ask the user to prepare the environment instead of using
any other installation method.
- Use `gh` CLI for GitHub operations, especially code/PR/issue search and inspection.
## 7) Environment Defaults
- Primary OS: NixOS.
- Shell: default to `nushell`, `bash` also exists.
## 8) Script Engineering Principles
Treat scripts as interruptible jobs that must be diagnosable and safe to rerun:
- Split workflows into explicit stages; allow running a selected stage via flags/arguments.
- Make reruns idempotent; persist progress after each stage and support resume.
- Cache external data with invalidation strategy to speed retries and improve reproducibility.
- For HTTP flows, separate transport success from business success; support retry/backoff.
- Provide independent verification commands/checks for key outputs (counts, samples, invariants).
## 9) Communication Defaults
- Respond in the language the user is currently using, prefer English & Chinese.
- Code, commands, identifiers, and code comments: English.
- Be concise, concrete, and action-oriented.
## 10) Project Overlay
Project-local policy may add stricter constraints (build/test/deploy/style/ownership/environment).
It must not weaken this baseline.
Reference in New Issue View Git Blame Copy Permalink