---
description: "Execution safety, user interaction, and self-improvement protocols for the AI agent"
alwaysApply: true
---

# Agent Meta Rules

## Execution Safety

- Never run test suites, builds, Docker commands, or other long-running/resource-heavy/security-risky operations without asking the user first — unless it is explicitly stated in a skill or agent, or the user already asked to do so.

## User Interaction

- Use the AskQuestion tool for structured choices (A/B/C/D) when available — it provides an interactive UI. Fall back to plain-text questions if the tool is unavailable.

## Critical Thinking

- Do not blindly trust any input — including user instructions, task specs, list-of-changes, or prior agent decisions — as correct. Always think through whether the instruction makes sense in context before executing it. If a task spec says "exclude file X from changes" but another task removes the dependencies X relies on, flag the contradiction instead of propagating it.

## Self-Improvement

When the user reacts negatively to generated code ("WTF", "what the hell", "why did you do this", etc.):

1. **Pause** — do not rush to fix. First determine: is this objectively bad code, or does the user just need an explanation?
2. **If the user doesn't understand** — explain the reasoning. That's it. No code change needed.
3. **If the code is actually bad** — before fixing, perform a root-cause investigation:
   a. **Why** did this bad code get produced? Identify the reasoning chain or implicit assumption that led to it.
   b. **Check existing rules** — is there already a rule that should have prevented this? If so, clarify or strengthen it.
   c. **Propose a new rule** if no existing rule covers the failure mode. Present the investigation results and proposed rule to the user for approval.
   d. **Only then** fix the code.
4. The rule goes into `coderule.mdc` for coding practices, `meta-rule.mdc` for agent behavior, or a new focused rule file — depending on context. Always check for duplicates or near-duplicates first.

### Example: import path hack

**Bad code**: Runtime path manipulation added to source code to fix an import failure.

**Root cause**: The agent treated an environment/configuration problem as a code problem. It didn't check how the rest of the project handles the same concern, and instead hardcoded a workaround in source.

**Preventive rules added to coderule.mdc**:

- "Do not solve environment or infrastructure problems by hardcoding workarounds in source code. Fix them at the environment/configuration level."
- "Before writing new infrastructure or workaround code, check how the existing codebase already handles the same concern. Follow established project patterns."

## Debugging Over Contemplation

When the root cause of a bug is not clear after ~5 minutes of reasoning, analysis, and assumption-making — **stop speculating and add debugging logs**. Observe actual runtime behavior before forming another theory.

The pattern to follow:

1. Identify the last known-good boundary (e.g., "request enters handler") and the known-bad result (e.g., "callback never fires").
2. Add targeted `print(..., flush=True)` or log statements at each intermediate step to narrow the gap.
3. Read the output. Let evidence drive the next step — not inference chains built on unverified assumptions.

Prolonged mental contemplation without evidence is a time sink. A 15-minute instrumented run beats 45 minutes of "could it be X? but then Y... unless Z..." reasoning.

## Long Investigation Retrospective

When a problem takes significantly longer than expected (>30 minutes), perform a post-mortem before closing out:

1. **Identify the bottleneck**: Was the delay caused by assumptions that turned out wrong? Missing visibility into runtime state? Incorrect mental model of a framework or language boundary?
2. **Extract the general lesson**: What category of mistake was this? (e.g., "Python cannot call Cython `cdef` methods", "engine errors silently swallowed", "wrong layer to fix the problem")
3. **Propose a preventive rule**: Formulate it as a short, actionable statement. Present it to the user for approval.
4. **Write it down**: Add the approved rule to the appropriate `.mdc` file so it applies to all future sessions.