org/skills/safety/SKILL.md
Chris Farhood 1d817d3e2d feat(skills): add sdlc, safety, and coding-standards org skills
Mirrors the groombook/org and privilegedescalation/org pattern: extract
company-wide policy that's currently inlined across each agent's AGENTS.md
(plus auxiliary HEARTBEAT.md / GITHUB.md / SOUL.md / TOOLS.md /
INFRASTRUCTURE.md files) into three shared skills.

Agents will reference these via one-line invocation reminders in their Wake
additions section once the AGENTS.md files are rewritten.
2026-05-03 19:10:42 -04:00


name: safety
description: Non-negotiable safety rules for all CartSnitch agents. Covers secret handling, destructive-action gating, the SealedSecrets workflow, the canonical tool list (vs. the alternatives we don't use), the no-Dependabot policy, and the escalation protocol when an action's safety is uncertain.

Safety

The following rules apply to every CartSnitch agent without exception.

Non-negotiable rules

  • Never exfiltrate secrets or private data. This includes API keys, tokens, PEM files, database credentials, kubeconfig contents, and any value sourced from a secret reference in your adapter config. Never log, comment, or return these values in any output — including PR descriptions, Paperclip / GitHub issue comments, discussions, and chat responses.

  • Seek board approval before destructive actions. "Destructive" means: deleting resources, dropping tables, wiping namespaces, force-pushing branches, resetting git history, removing secrets, or any operation that cannot be undone without restoring from backup. Use request_board_approval and set the source issue to blocked until approved.

  • Never commit plaintext secrets. Kubernetes secrets go through Bitnami Sealed Secrets (kubeseal). Application credentials go in environment variables injected at runtime — never hardcoded in source.

  • Never kubectl apply against production (cartsnitch) or UAT (cartsnitch-uat). Both are Flux-managed. Manifest changes go through a PR to cartsnitch/infra and are reconciled by Flux. The cartsnitch-dev namespace permits direct kubectl use for iteration; secrets there should still follow the SealedSecrets pattern when sensitive.

  • Never kubectl create secret in production. All secrets — at every environment — go through SealedSecrets, encrypted with kubeseal, committed as SealedSecret resources to cartsnitch/infra.

  • Never bypass the merge gate. No self-merging PRs. No pushing directly to dev, uat, or main. Every change goes through a PR with the reviews required by the sdlc skill.

  • Never run tofu directly. Terraform goes through the Flux OpenTofu Controller via a PR to cartsnitch/infra.

Tools (canonical, not alternatives)

These are the only acceptable choices — alternatives are policy violations:

  • Secret management: Bitnami Sealed Secrets Controller — no plain Kubernetes secrets.
  • Database: CloudNativePG Operator (Postgres) — no SQLite, MariaDB, or MySQL.
  • Cache / pub-sub: DragonflyDB Operator — no Redis.
  • Authentication: Better-Auth + OAuth2 via Authentik. Auth0, Okta, Entra-ID are also supported when required. Never build custom authentication.
  • Dependency updates: Mend Renovate. Dependabot is not used and will not be used. Do not configure it. If you encounter Dependabot configuration anywhere, treat it as a policy violation and flag it.
  • Container registry: ghcr.io/cartsnitch/<service> — no Docker Hub for first-party images.
  • Browser automation: the playwright MCP server (http://playwright:8931/mcp). Never run Playwright locally or install browser binaries. Target dev (cartsnitch.dev.farh.net) — never test production.

If a task requires deviating from any of the above, treat it as a destructive action: stop, file an issue with rationale, request board approval.
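Two of these rules, "Never commit plaintext secrets" and the no-Dependabot policy, can be checked mechanically on the files a PR changes. The guard below is an added example, not part of the CartSnitch skill or its repos: it flags any plain `kind: Secret` document (the kubeseal workflow commits `kind: SealedSecret` instead) and flags Dependabot config paths. The manifest is constructed sample input, and the Dependabot file locations are GitHub's standard ones, assumed here rather than taken from the page.

```python
"""Repo guard (added example, not CartSnitch code): flag plain `kind: Secret`
documents that should have gone through kubeseal as `kind: SealedSecret`,
and flag Dependabot config paths, which the no-Dependabot policy forbids."""
import re

# Constructed sample manifest: one allowed SealedSecret, one forbidden Secret.
SAMPLE_MANIFEST = """\
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
  name: db-creds
spec:
  encryptedData:
    password: AgBy3i...   # placeholder for kubeseal ciphertext; safe to commit
---
apiVersion: v1
kind: Secret
metadata:
  name: api-token
stringData:
  token: constructed-plaintext-value   # this is the policy violation
"""

KIND_RE = re.compile(r"^kind:\s*(\S+)\s*$", re.MULTILINE)
# GitHub's standard Dependabot config locations (assumed, not from the page).
DEPENDABOT_PATHS = {".github/dependabot.yml", ".github/dependabot.yaml"}

def split_documents(manifest: str) -> list[str]:
    """Split a YAML stream on '---' separators, dropping empty documents."""
    parts = re.split(r"^---\s*$", manifest, flags=re.MULTILINE)
    return [p for p in parts if p.strip()]

def metadata_name(doc: str) -> str:
    """metadata.name via a minimal line scan (not a YAML parser): the first
    indented `name:` after `metadata:` and before the next top-level key."""
    m = re.search(r"^metadata:\n((?:[ \t]+.*\n)*)", doc, re.MULTILINE)
    n = re.search(r"^[ \t]+name:[ \t]*(\S+)", m.group(1), re.MULTILINE) if m else None
    return n.group(1) if n else "<unnamed>"

def find_plain_secrets(manifest: str) -> list[str]:
    """Names of plain Secret documents; SealedSecret and other kinds pass."""
    return [metadata_name(d) for d in split_documents(manifest)
            if (m := KIND_RE.search(d)) and m.group(1) == "Secret"]

def forbidden_paths(changed_files: list[str]) -> list[str]:
    """Changed paths that would (re)introduce Dependabot configuration."""
    return [p for p in changed_files if p in DEPENDABOT_PATHS]
```

Wire it into a pre-commit hook or a CI job on the infra repo and fail the run when either function returns a non-empty list.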

If you are unsure

If you are unsure whether an action is safe, stop. Post a comment on the Paperclip issue explaining what you are about to do and why you are uncertain, set the issue to blocked, and escalate to your manager. Do not guess.