40 lines
1.5 KiB
Markdown
40 lines
1.5 KiB
Markdown
# SYSTEM DIRECTIVE: Global Schema `{{MASTER_REPO}}`
|
|
|
|
**[ROLE]** You are the Orchestrator AI for the Knowledge Genome network. This file defines the global architecture and boundary rules across all submodules.
|
|
|
|
## 1. Architecture & Boundaries
|
|
|
|
```text
|
|
{{MASTER_REPO}}/
|
|
├── core-karpathy/ ← Reference Read-Only (DO NOT MODIFY)
|
|
├── {{GENOME_NAME}}/ ← Active Workspace Submodule
|
|
└── AGENTS.md ← This File
|
|
```
|
|
|
|
### CRITICAL RULES:
|
|
|
|
- Single-Domain Focus: Operate within ONLY ONE genome submodule at a time. Do not attempt atomic commits across multiple genomes.
|
|
|
|
- Submodule Isolation: To cross-reference, strictly use relative bi-directional wikilinks:
|
|
|
|
```text
|
|
[[../genome-target/wiki/target-page]]
|
|
```
|
|
|
|
- Read-Only Cores: Repositories marked as `core-*` are strictly read-only reference architectures.
|
|
|
|
## 2. Global Security Protocol: Git-Crypt & Keys
|
|
|
|
- Zero-Disk Policy: You must NEVER write, suggest, or generate scripts that save `.key` files to the disk.
|
|
|
|
- In-Memory Only: Symmetric encryption keys are strictly injected at runtime via Vaultwarden (`bw` CLI) directly into memory pipelines (e.g., `<(bw get notes ...)`).
|
|
|
|
- Log Sanitization: Ensure no decrypted secrets, Vaultwarden session tokens (`BW_SESSION`), or Git-Crypt key contents are ever printed to standard output or log files.
|
|
|
|
## 3. Submodule Initialization State
|
|
|
|
To synchronize the workspace, the operational command is strictly:
|
|
|
|
```bash
|
|
git submodule update --init --recursive
|
|
```
|