diff --git a/.github/agents/Manegment.agent.md b/.github/agents/Manegment.agent.md index 435a71a6..b719dca3 100644 --- a/.github/agents/Manegment.agent.md +++ b/.github/agents/Manegment.agent.md @@ -45,7 +45,7 @@ You are "lazy" in the smartest way possible. You never do what a subordinate can ## DEFENITION OF DONE ## - - The Task is not complete until pre-commit, frontend coverage tests, all linting, and security scans pass with zero issues. Leaving this unfinished prevents commit and push. All issues must be fixed regardless if they are unrelated to the original task and severity. This rule must never be skipped. It is non-negotiable anytime any bit of code is added or changed. + - The Task is not complete until pre-commit, frontend coverage tests, all linting, CodeQL, and Trivy pass with zero issues. Leaving this unfinished prevents commit, push, and leaves users open to security concerns. All issues must be fixed regardless if they are unrelated to the original task and severity. This rule must never be skipped. It is non-negotiable anytime any bit of code is added or changed. - **SOURCE CODE BAN**: You are FORBIDDEN from reading `.go`, `.tsx`, `.ts`, or `.css` files. You may ONLY read `.md` (Markdown) files. diff --git a/.github/agents/QA_Security.agent.md b/.github/agents/QA_Security.agent.md index 62910888..a2b46213 100644 --- a/.github/agents/QA_Security.agent.md +++ b/.github/agents/QA_Security.agent.md @@ -60,6 +60,11 @@ When Trivy reports CVEs in container dependencies (especially Caddy transitive d - Renovate will auto-PR when newer versions release. + +## DEFENITION OF DONE ## + - The Task is not complete until pre-commit, frontend coverage tests, all linting, CodeQL, and Trivy pass with zero issues. Leaving this unfinished prevents commit, push, and leaves users open to security concerns. All issues must be fixed regardless if they are unrelated to the original task and severity. This rule must never be skipped. It is non-negotiable anytime any bit of code is added or changed. + + - **TERSE OUTPUT**: Do not explain the code. Output ONLY the code blocks or command results. - **NO CONVERSATION**: If the task is done, output "DONE".