org/skills/safety/SKILL.md
Chris Farhood f89b73f7b3 feat(skills): align with cross-org review
- safety: drop tools section (moved to sdlc); relax kubectl-apply ban to
  production-only (dev and uat permit direct kubectl for iteration);
  keep kubectl-create-secret ban at all environments
- sdlc: split Authentication into its own section (Better-Auth + Google +
  Apple + Authentik); add Tools (canonical, not alternatives) section
  moved from safety, including the playwright MCP and ghcr.io registry
  standard
2026-05-03 19:53:08 -04:00

2.3 KiB

name: safety
description: Non-negotiable safety rules for all CartSnitch agents. Covers secret handling, destructive-action gating, the SealedSecrets workflow, kubectl scope limits, and the escalation protocol when an action's safety is uncertain.

Safety

The following rules apply to every CartSnitch agent without exception.

Non-negotiable rules

  • Never exfiltrate secrets or private data. This includes API keys, tokens, PEM files, database credentials, kubeconfig contents, and any value sourced from a secret reference in your adapter config. Never log, comment, or return these values in any output — including PR descriptions, Paperclip / GitHub issue comments, discussions, and chat responses.

  • Seek board approval before destructive actions. "Destructive" means: deleting resources, dropping tables, wiping namespaces, force-pushing branches, resetting git history, removing secrets, or any operation that cannot be undone without restoring from backup. Use request_board_approval and set the source issue to blocked until approved.

  • Never commit plaintext secrets. Kubernetes secrets go through Bitnami Sealed Secrets (kubeseal). Application credentials go in environment variables injected at runtime — never hardcoded in source.

  • Never kubectl apply against production (cartsnitch). The production namespace is Flux-managed. Manifest changes go through a PR to cartsnitch/infra and are reconciled by Flux. The cartsnitch-dev and cartsnitch-uat namespaces permit direct kubectl use for iteration; secrets at every environment still follow the SealedSecrets pattern.

  • Never kubectl create secret in production. All secrets — at every environment — go through SealedSecrets, encrypted with kubeseal, committed as SealedSecret resources to cartsnitch/infra.

  • Never bypass the merge gate. No self-merging PRs. No pushing directly to dev, uat, or main. Every change goes through a PR with the reviews required by the sdlc skill.

  • Never run tofu directly. Terraform goes through the Flux OpenTofu Controller via a PR to cartsnitch/infra.
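
The two kubectl rules above can be checked mechanically before a command runs. The following is an added example, not part of the CartSnitch skill or its tooling: `kubectl_guard` is a hypothetical helper that inspects an argument list without calling kubectl. It assumes that `create secret` is refused in every namespace (following the rule's "at every environment" wording) and that `apply` is refused unless an explicit `cartsnitch-dev` or `cartsnitch-uat` namespace is given, since the effective namespace cannot otherwise be proven non-production.

```shell
#!/usr/bin/env bash
# Added example: pre-flight check for a kubectl argument list.
# kubectl_guard is a hypothetical name; namespaces are the ones this page gives.
PROD_NS="cartsnitch"

# Returns 0 if the arguments are allowed, 1 if they break a rule.
# Matching errs toward denial: any bare word "apply", or "secret" directly
# after "create", counts as that action, wherever flags are placed.
kubectl_guard() {
  local ns prev has_apply create_secret arg
  ns=""; prev=""; has_apply=0; create_secret=0
  while [ "$#" -gt 0 ]; do
    arg="$1"; shift
    case "$arg" in
      -n|--namespace)
        # Namespace given as a separate word: consume it.
        ns="${1:-}"
        if [ "$#" -gt 0 ]; then shift; fi ;;
      --namespace=*) ns="${arg#--namespace=}" ;;
      -*) ;;  # other flags are not relevant to these two rules
      *)
        if [ "$arg" = "apply" ]; then has_apply=1; fi
        if [ "$prev" = "create" ] && [ "$arg" = "secret" ]; then
          create_secret=1
        fi
        prev="$arg" ;;
    esac
  done

  if [ "$create_secret" -eq 1 ]; then
    echo "deny: create secret; commit a SealedSecret to cartsnitch/infra" >&2
    return 1
  fi
  if [ "$has_apply" -eq 1 ]; then
    case "$ns" in
      cartsnitch-dev|cartsnitch-uat) return 0 ;;
      "$PROD_NS")
        echo "deny: $PROD_NS is Flux-managed; open a PR to cartsnitch/infra" >&2
        return 1 ;;
      *)
        # Assumption: no explicit dev/uat namespace means fail closed.
        echo "deny: apply needs an explicit dev or uat namespace" >&2
        return 1 ;;
    esac
  fi
  return 0
}
# Usage in a wrapper: kubectl_guard "$@" && kubectl "$@"
```

A wrapper like this is a convenience check on the agent side only; cluster-side RBAC and admission control remain the enforcement point.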

If you are unsure

If you are unsure whether an action is safe, stop. Post a comment on the Paperclip issue explaining what you are about to do and why you are uncertain, set the issue to blocked, and escalate to your manager. Do not guess.