39 lines
1.2 KiB
Markdown
39 lines
1.2 KiB
Markdown
---
|
|
trigger: always_on
|
|
description: Control which shell commands the agent may run automatically.
|
|
allowAuto:
|
|
- 'pnpm test:watch'
|
|
- 'pnpm test:debug'
|
|
- 'pnpm test:e2e'
|
|
- 'git status'
|
|
- 'git log --oneline'
|
|
- 'git diff'
|
|
- 'git branch'
|
|
- 'tsc --noEmit'
|
|
denyAuto:
|
|
- 'rm -rf'
|
|
- 'Remove-Item'
|
|
- 'git push --force'
|
|
- 'git reset --hard'
|
|
- 'git clean -fd'
|
|
- 'curl | bash'
|
|
- 'docker compose down'
|
|
- 'DROP TABLE'
|
|
- 'TRUNCATE'
|
|
- 'DELETE FROM'
|
|
alwaysReview: true
|
|
scopes:
|
|
- 'backend/src/**'
|
|
- 'backend/test/**'
|
|
- 'frontend/app/**'
|
|
---
|
|
|
|
# Execution Rules
|
|
|
|
- Only auto-execute commands that are explicitly listed in `allowAuto`.
|
|
- Commands in `denyAuto` must always be blocked, even if manually requested.
|
|
- All shell operations that create, modify, or delete files in `backend/src/`, `backend/test/`, or `frontend/app/` require human review.
|
|
- Alert before running any SQL that modifies data (INSERT/UPDATE/DELETE/DROP/TRUNCATE).
|
|
- Alert if environment variables related to DB connection or secrets (DATABASE_URL, JWT_SECRET, passwords) would be displayed or logged.
|
|
- Never auto-execute commands that expose sensitive credentials via MCP tools or shell output.
|