# Agent Safety Guidelines

**IMPORTANT**: All agents must follow these safety guidelines.

## 🔒 Confirmation Requirements

### ALWAYS Require Confirmation For:

- ✋ **File modifications** (Edit, Write, MultiEdit tools)
- ✋ **System commands** (Bash tool for destructive operations)
- ✋ **Production deployments** (deploy.sh, docker-compose changes)
- ✋ **Database operations** (migrations, schema changes)
- ✋ **Configuration changes** (.env, docker-compose.yml)
- ✋ **SSL certificate modifications**

### Auto-Approved Operations:

- ✅ **Read operations** (Read, Grep, Glob, LS tools)
- ✅ **Analysis and suggestions** (without implementation)
- ✅ **Documentation generation** (in docs/ or new .md files)
- ✅ **Test file creation** (in tests/ directory)
- ✅ **Temporary file operations** (in /tmp or tests/tmp)

## 🚨 Restricted Operations

### NEVER Do Without Explicit Permission:

- ❌ Delete production files
- ❌ Modify .env files
- ❌ Execute `rm -rf` commands
- ❌ Change database connection strings
- ❌ Modify docker-compose.yml in production context
- ❌ Change SSL certificates or security configurations

## 💬 Confirmation Prompts

Use these exact formats:

### File Modifications:

```
🔒 CONFIRMATION REQUIRED: I will modify {file_path}
Changes: {brief_description}
Do you want to proceed? (yes/no)
```

### System Commands:

```
⚡ SYSTEM COMMAND CONFIRMATION: I will execute: {command}
This will affect: {impact_description}
Confirm execution? (yes/no)
```

### Production Deployments:

```
🚨 DEPLOYMENT CONFIRMATION: This will deploy to production
Target: {server/environment}
Changes: {summary_of_changes}
This is irreversible. Confirm deployment? (yes/no)
```

### Database Operations:

```
💾 DATABASE CHANGE CONFIRMATION: I will modify database
Operation: {migration/schema_change/data_modification}
Impact: {affected_tables/data}
Confirm database modification? (yes/no)
```

## 🛡️ Protection Levels

### Strict Protection (Always Confirm):

- Production configuration files (.env.production, docker-compose.yml)
- SSL certificates and security configs
- Database migration files
- Core framework files
- Deployment scripts

### Moderate Protection (Confirm for Modifications):

- Source code in src/
- Frontend assets (CSS, JS)
- Test files (existing ones)
- Documentation files (existing ones)

### Permissive (Auto-Approved):

- New documentation files
- New test files
- Temporary files
- Analysis and suggestions

## 🔄 Agent Interaction Flow

1. **Analyze Request**: Determine whether the operation requires confirmation
2. **Check Protection Level**: Apply the appropriate protection level based on the file or operation type
3. **Request Confirmation**: Use the proper prompt format
4. **Wait for Response**: Don't proceed without an explicit "yes" or confirmation
5. **Execute Safely**: Proceed only after confirmation has been received
6. **Report Results**: Provide clear feedback on what was changed

## ⚙️ Implementation in Agent Configs

Each agent should include:

```yaml
safety_mode: "interactive"
require_confirmation: true
protection_awareness: "strict"
```

## 🎯 Best Practices for Agents

1. **Be Explicit**: Always explain what you will change before asking for confirmation
2. **Be Specific**: Mention exact files, commands, or operations
3. **Show Impact**: Explain the consequences of the proposed changes
4. **Offer Alternatives**: When possible, provide safer alternatives
5. **Respect "No"**: If the user declines, suggest alternative approaches
6. **Double-Check Production**: Take extra caution with any production-related operation

## 📋 User Override Options

Users can override safety settings by:

- Using explicit flags: `--force`, `--no-confirm`
- Modifying `.claude-code-config.json` safety settings
- Providing explicit permission in the request: "Please modify X file without asking"

Remember: **Safety first, efficiency second**.
It's better to ask for confirmation and maintain trust than to make unwanted changes.
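The Protection Levels and the Agent Interaction Flow above can be enforced by a small policy check before each tool call. The following is an added example, not code from these guidelines or from any agent implementation; the glob patterns used for the strict list, the `exists` flag that separates new from existing docs and tests, and the `decide` function are my own assumptions about how the categories map to paths and tool calls.

```python
import fnmatch
import shlex

STRICT, MODERATE, PERMISSIVE = "strict", "moderate", "permissive"
READ_ONLY_TOOLS = {"Read", "Grep", "Glob", "LS"}
WRITE_TOOLS = {"Edit", "Write", "MultiEdit"}
# Assumed glob patterns for the "Strict Protection" list; adjust to the real repository layout.
STRICT_PATTERNS = (".env*", "docker-compose*.yml", "deploy.sh", "migrations/*", "ssl/*", "certs/*")
PERMISSIVE_PREFIXES = ("/tmp/", "tests/tmp/")

def protection_level(path: str, exists: bool = True) -> str:
    """Map a path to a Protection Level; `exists` separates new docs/tests from existing ones."""
    if any(fnmatch.fnmatch(path, pat) for pat in STRICT_PATTERNS):
        return STRICT
    if path.startswith(PERMISSIVE_PREFIXES):
        return PERMISSIVE
    if not exists and (path.startswith(("docs/", "tests/")) or path.endswith(".md")):
        return PERMISSIVE  # new documentation or test files are auto-approved
    return MODERATE  # src/, assets, existing docs and tests: confirm before modifying

def is_forbidden_command(command: str) -> bool:
    """True when any segment of a shell chain runs rm both recursively and forced."""
    for segment in command.replace("&&", ";").replace("||", ";").replace("|", ";").split(";"):
        try:
            argv = shlex.split(segment)
        except ValueError:
            return True  # unparsable input: refuse rather than guess
        if argv and argv[0] == "sudo":
            argv = argv[1:]  # `sudo rm -rf` is still rm -rf
        if argv and argv[0] == "rm":
            short = "".join(a[1:] for a in argv[1:] if a.startswith("-") and not a.startswith("--"))
            if (set("rR") & set(short) or "--recursive" in argv) and ("f" in short or "--force" in argv):
                return True
    return False

def decide(tool: str, target: str, exists: bool = True) -> str:
    """Return 'auto', 'confirm' or 'blocked' (needs explicit user permission) for a tool call."""
    if tool in READ_ONLY_TOOLS:
        return "auto"
    if tool == "Bash":
        return "blocked" if is_forbidden_command(target) else "confirm"
    if tool in WRITE_TOOLS:
        if fnmatch.fnmatch(target, ".env*"):
            return "blocked"  # "NEVER modify .env files" without explicit permission
        return "auto" if protection_level(target, exists) == PERMISSIVE else "confirm"
    return "confirm"  # unknown tool: default to asking

def confirmation_prompt(path: str, changes: str) -> str:
    """Render the exact File Modifications prompt format from the guidelines."""
    return f"🔒 CONFIRMATION REQUIRED: I will modify {path}\nChanges: {changes}\nDo you want to proceed? (yes/no)"
```

A `blocked` result means the agent must stop and obtain explicit permission, while `confirm` means it renders the matching prompt and waits for "yes".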