Replaces the fragmented (AGENTS.md + CLAUDE.md + .github/copilot-instructions.md + .sf/STYLE.md + .sf/PRINCIPLES.md + .sf/NON-GOALS.md) surface with a single canonical .agents/ tree per https://github.com/agentsfolder/spec.

Structure:
  .agents/manifest.yaml            spec metadata + defaults + project info
  .agents/prompts/
    base.md                        project-agnostic base prompt
    project.md                     SF-specific: purpose-first, DB-first, build pipeline, Ask/Build/YOLO model
    snippets/{style,principles,non-goals}.md
                                   short pointers into .sf/{STYLE,PRINCIPLES,NON-GOALS}.md for composition
  .agents/modes/{ask,build}.md     YAML front matter + human-readable body
  .agents/policies/{default-safe,yolo}.yaml
                                   conservative default + YOLO override
  .agents/skills/.gitkeep          empty per spec — SF's own skills not yet migrated to agentskills.io format
  .agents/scopes/.gitkeep          single-tree, no scopes yet
  .agents/profiles/.gitkeep        no overlays yet
  .agents/schemas/.gitkeep         generated by validators
  .agents/state/.gitignore         excludes state.yaml from VCS per spec

Status: spec is pre-1.0 (specVersion 0.1.0 pinned). No agent runtime currently reads .agents/ — this is structural adoption ahead of ecosystem support. Legacy files (AGENTS.md, CLAUDE.md, etc.) kept during the transition; .agents/ is now the canonical surface and they will eventually point here.

This is the reference template; centralcloud/infra, operations-memory, oncall-mobile-android to follow.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
50 lines
873 B
YAML
id: default-safe
description: >-
  Conservative default. Confirmations required for destructive
  filesystem and git operations; network and exec allowed but logged.

capabilities:
  filesystem:
    read: allow
    write: confirm
    delete: confirm
  exec:
    enabled: confirm
  network:
    enabled: allow
    allow_hosts:
      - "*"
    deny_hosts: []
  mcp:
    enabled: allow

paths:
  allow:
    - "**"
  deny:
    - "~/.ssh/**"
    - "**/.env"
    - "**/.env.*"
    - "**/secrets/**"
    - ".sf/sf.db"
    - ".sf/sf.db-*"
    - ".sf/backups/**"
  redact:
    - "**/*api_key*"
    - "**/*token*"
    - "**/*password*"
    - "**/.env*"

confirmations:
  requiredFor:
    - rm -rf
    - git push --force
    - git push -f
    - git reset --hard
    - git clean -fdx
    - drop_table
    - drop_database

limits:
  max_files_per_op: 100
  max_command_runtime_sec: 600