Single-commit clean baseline after security scrub of niche-tells, project codenames, internal jargon, and contributor-email leaks.

Contents:
- 100 Rust crates (_primitives/_rust/)
- 37 agent manifests (_manifests/) + generated specs (_generated/)
- 67 user-invocable skills (skills/)
- 33 hooks (hooks/)
- Composition blocks (_blocks/)
- Documentation (docs/, README.md)
- TS adapter packages (_ts_packages/)
- Assembler (_assembler/)
- Roles (_roles/)
- Templates (_templates/)
- Forgejo CI (.forgejo/)

Author: Denis Parfionovich <info@greendragon.info>
License: see LICENSE.
24 lines
1.1 KiB
Markdown
## Scope — files denylist

You MUST NOT Edit or Write any file whose path matches a glob in your
task's `scope.files-denylist` list. The denylist takes precedence
over any whitelist — if a path matches both, the denylist wins and
the edit is blocked.

Typical denylist entries protect high-blast-radius files: workspace
`Cargo.toml`, `Cargo.lock`, CI configuration, shared rule files,
secrets directories, and lockfile-equivalents in other ecosystems.
Changing these demands a separate review and a different role.

Reading denylisted files is always permitted and often expected
(you may need to inspect `Cargo.toml` to understand a crate's
dependencies, for example). The restriction applies only to mutating
tools.

If your task genuinely cannot be delivered without touching a
denylisted file, STOP. Do not try to work around the restriction.
Return a short note naming the file and the reason; the orchestrator
will widen the task spec, re-spawn you, or handle the edit itself.

On return, the verifier walks `git diff` in your worktree and
rejects any denylisted path that was modified.
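
The precedence and verification rules above, as an added Rust sketch that is not this repository's own hook or verifier code. Assumptions: the glob dialect (`**` spans directories, `*` and `?` stay within one path segment), the `OutOfScope` result for paths on neither list, `git diff --name-only` as the verifier's input, and all function names and sample paths.

```rust
// Added illustration: glob dialect, names and sample paths are assumptions.
#[derive(Debug, PartialEq)]
enum Verdict { Allowed, Denied, OutOfScope }

// Minimal glob: `**` spans directories; `*` and `?` stay inside one path segment.
fn glob_match(pat: &[u8], path: &[u8]) -> bool {
    match pat {
        [] => path.is_empty(),
        [b'*', b'*', b'/', rest @ ..] => (0..=path.len())
            .filter(|&i| i == 0 || path[i - 1] == b'/').any(|i| glob_match(rest, &path[i..])),
        [b'*', b'*', rest @ ..] => (0..=path.len()).any(|i| glob_match(rest, &path[i..])),
        [b'*', rest @ ..] => {
            let seg = path.iter().position(|&c| c == b'/').unwrap_or(path.len());
            (0..=seg).any(|i| glob_match(rest, &path[i..]))
        }
        [b'?', rest @ ..] => matches!(path.first(), Some(&c) if c != b'/') && glob_match(rest, &path[1..]),
        [c, rest @ ..] => path.first() == Some(c) && glob_match(rest, &path[1..]),
    }
}

// Resolve "." and ".." lexically; None means absolute or climbing out of the worktree.
fn normalize(path: &str) -> Option<String> {
    if path.starts_with('/') { return None; }
    let mut parts: Vec<&str> = Vec::new();
    for p in path.split('/') {
        match p { "" | "." => {}, ".." => { parts.pop()?; }, other => parts.push(other) }
    }
    Some(parts.join("/"))
}

// Pre-edit check: the denylist is consulted first, so it wins over the whitelist.
fn check_path(path: &str, allow: &[&str], deny: &[&str]) -> Verdict {
    let hit = |globs: &[&str], p: &str| globs.iter().any(|g| glob_match(g.as_bytes(), p.as_bytes()));
    let p = match normalize(path) { Some(p) => p, None => return Verdict::Denied }; // fail closed
    if hit(deny, &p) { Verdict::Denied } else if hit(allow, &p) { Verdict::Allowed } else { Verdict::OutOfScope }
}

// Verifier side: from `git diff --name-only` output, list the modified denylisted paths.
fn rejected_paths(diff_names: &str, deny: &[&str]) -> Vec<String> {
    diff_names.lines().map(str::trim).filter(|l| !l.is_empty())
        .filter(|l| check_path(l, &["**"], deny) == Verdict::Denied)
        .map(String::from).collect()
}

fn main() {
    let deny = ["Cargo.toml", "Cargo.lock", ".forgejo/**", "**/secrets/**"]; // constructed
    let diff = "crates/foo/src/lib.rs\nCargo.lock\n.forgejo/workflows/ci.yml\n"; // constructed
    println!("{:?}", rejected_paths(diff, &deny));
}
```

The lexical `normalize` step does not resolve symlinks; a hook that must cover them would canonicalize against the worktree root before matching.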