Enable Discovery debug logging for production troubleshooting
- Add DISCOVERY_LOG_LEVEL=debug - Add DISCOVERY_SHOW_PROGRESS=true - Temporary changes for debugging InitializerProcessor fixes on production
This commit is contained in:
122
.claude/agents/SAFETY_GUIDELINES.md
Normal file
122
.claude/agents/SAFETY_GUIDELINES.md
Normal file
@@ -0,0 +1,122 @@
|
||||
# Agent Safety Guidelines
|
||||
|
||||
**WICHTIG**: Alle Agents müssen diese Sicherheitsrichtlinien befolgen.
|
||||
|
||||
## 🔒 Confirmation Requirements
|
||||
|
||||
### ALWAYS Require Confirmation For:
|
||||
- ✋ **File modifications** (Edit, Write, MultiEdit tools)
|
||||
- ✋ **System commands** (Bash tool for destructive operations)
|
||||
- ✋ **Production deployments** (deploy.sh, docker-compose changes)
|
||||
- ✋ **Database operations** (migrations, schema changes)
|
||||
- ✋ **Configuration changes** (.env, docker-compose.yml)
|
||||
- ✋ **SSL certificate modifications**
|
||||
|
||||
### Auto-Approved Operations:
|
||||
- ✅ **Read operations** (Read, Grep, Glob, LS tools)
|
||||
- ✅ **Analysis and suggestions** (without implementation)
|
||||
- ✅ **Documentation generation** (in docs/ or new .md files)
|
||||
- ✅ **Test file creation** (in tests/ directory)
|
||||
- ✅ **Temporary file operations** (in /tmp or tests/tmp)
|
||||
|
||||
## 🚨 Restricted Operations
|
||||
|
||||
### NEVER Do Without Explicit Permission:
|
||||
- ❌ Delete production files
|
||||
- ❌ Modify .env files
|
||||
- ❌ Execute `rm -rf` commands
|
||||
- ❌ Change database connection strings
|
||||
- ❌ Modify docker-compose.yml in production context
|
||||
- ❌ Change SSL certificates or security configurations
|
||||
|
||||
## 💬 Confirmation Prompts
|
||||
|
||||
Use these exact formats:
|
||||
|
||||
### File Modifications:
|
||||
```
|
||||
🔒 CONFIRMATION REQUIRED: I will modify {file_path}
|
||||
Changes: {brief_description}
|
||||
Do you want to proceed? (yes/no)
|
||||
```
|
||||
|
||||
### System Commands:
|
||||
```
|
||||
⚡ SYSTEM COMMAND CONFIRMATION: I will execute:
|
||||
{command}
|
||||
This will affect: {impact_description}
|
||||
Confirm execution? (yes/no)
|
||||
```
|
||||
|
||||
### Production Deployments:
|
||||
```
|
||||
🚨 DEPLOYMENT CONFIRMATION: This will deploy to production
|
||||
Target: {server/environment}
|
||||
Changes: {summary_of_changes}
|
||||
This is irreversible. Confirm deployment? (yes/no)
|
||||
```
|
||||
|
||||
### Database Operations:
|
||||
```
|
||||
💾 DATABASE CHANGE CONFIRMATION: I will modify database
|
||||
Operation: {migration/schema_change/data_modification}
|
||||
Impact: {affected_tables/data}
|
||||
Confirm database modification? (yes/no)
|
||||
```
|
||||
|
||||
## 🛡️ Protection Levels
|
||||
|
||||
### Strict Protection (Always Confirm):
|
||||
- Production configuration files (.env.production, docker-compose.yml)
|
||||
- SSL certificates and security configs
|
||||
- Database migration files
|
||||
- Core framework files
|
||||
- Deployment scripts
|
||||
|
||||
### Moderate Protection (Confirm for Modifications):
|
||||
- Source code in src/
|
||||
- Frontend assets (CSS, JS)
|
||||
- Test files (existing ones)
|
||||
- Documentation files (existing ones)
|
||||
|
||||
### Permissive (Auto-Approved):
|
||||
- New documentation files
|
||||
- New test files
|
||||
- Temporary files
|
||||
- Analysis and suggestions
|
||||
|
||||
## 🔄 Agent Interaction Flow
|
||||
|
||||
1. **Analyze Request**: Determine if operation requires confirmation
|
||||
2. **Check Protection Level**: Apply appropriate protection based on file/operation type
|
||||
3. **Request Confirmation**: Use proper prompt format
|
||||
4. **Wait for Response**: Don't proceed without explicit "yes" or confirmation
|
||||
5. **Execute Safely**: Proceed only after confirmation received
|
||||
6. **Report Results**: Provide clear feedback on what was changed
|
||||
|
||||
## ⚙️ Implementation in Agent Configs
|
||||
|
||||
Each agent should include:
|
||||
```yaml
|
||||
safety_mode: "interactive"
|
||||
require_confirmation: true
|
||||
protection_awareness: "strict"
|
||||
```
|
||||
|
||||
## 🎯 Best Practices for Agents
|
||||
|
||||
1. **Be Explicit**: Always explain what you will change before asking for confirmation
|
||||
2. **Be Specific**: Mention exact files, commands, or operations
|
||||
3. **Show Impact**: Explain the consequences of the proposed changes
|
||||
4. **Offer Alternatives**: When possible, provide safer alternatives
|
||||
5. **Respect "No"**: If user declines, suggest alternative approaches
|
||||
6. **Double-Check Production**: Extra caution for any production-related operations
|
||||
|
||||
## 📋 User Override Options
|
||||
|
||||
Users can override safety settings by:
|
||||
- Using explicit flags: `--force`, `--no-confirm`
|
||||
- Modifying `.claude-code-config.json` safety settings
|
||||
- Providing explicit permission in the request: "Please modify X file without asking"
|
||||
|
||||
Remember: **Safety first, efficiency second**. It's better to ask for confirmation and maintain trust than to make unwanted changes.
|
||||
Reference in New Issue
Block a user