generated from MrSphay/codex-agent-repository-kit
Clarify MrTrust target project integration for agents
All checks were successful
Build MrTrust / build (push) Successful in 2m31s
All checks were successful
Build MrTrust / build (push) Successful in 2m31s
This commit is contained in:
21
README.md
21
README.md
@@ -13,7 +13,8 @@ MrTrust does not bypass Microsoft Defender or SmartScreen. Windows can still sca
|
||||
|
||||
## What It Contains
|
||||
|
||||
- `MrTrust.ps1 gui` opens a simple Windows interface for installing or removing trust.
|
||||
- `MrTrust.exe` opens a standalone Windows interface for installing or removing trust.
|
||||
- `MrTrust.ps1` and `scripts/` are source and maintainer tools for building, signing, and local development.
|
||||
- `scripts/New-MrTrustCertificate.ps1` creates a local root certificate and a code-signing certificate for the publisher.
|
||||
- `scripts/Install-MrTrust.ps1` installs the public trust certificate for the current user or the local machine.
|
||||
- `scripts/Uninstall-MrTrust.ps1` removes the MrTrust certificate again.
|
||||
@@ -85,18 +86,28 @@ Code-signing certificate -> Cert:\CurrentUser\TrustedPublisher
|
||||
For all users on the machine, run PowerShell as Administrator:
|
||||
|
||||
```powershell
|
||||
.\MrTrust.ps1 install -Scope LocalMachine
|
||||
.\MrTrust.exe
|
||||
```
|
||||
|
||||
Then choose the all-users option in the GUI.
|
||||
|
||||
## Using This Repo With Other Agents
|
||||
|
||||
Yes. Give another agent this repository URL and the target Windows project, then paste `docs/integration-prompt.md`.
|
||||
Yes. Give another agent this repository URL, the target Windows project, and `docs/integration-prompt.md`.
|
||||
|
||||
The agent's job is to modify the target project, not this repository:
|
||||
|
||||
- expose a visible "Open MrTrust" or trust setup path for users
|
||||
- link to or bundle the standalone `MrTrust.exe`
|
||||
- sign Windows release artifacts with the MrSphay code-signing certificate
|
||||
- keep trust installation explicit, reversible, and user-confirmed
|
||||
- keep private signing material out of the target repository and release artifacts
|
||||
|
||||
Both sides have to be wired:
|
||||
|
||||
- MrTrust side: users install the public trust certificates once.
|
||||
- Target project side: release artifacts are signed with the MrSphay code-signing certificate.
|
||||
- Installer side, optional: the target app can offer "Open MrTrust" or bundle the MrTrust ZIP, but it must not silently change trust.
|
||||
- Installer side, optional: the target app can offer "Open MrTrust" or bundle `MrTrust.exe`, but it must not silently change trust.
|
||||
|
||||
If the target project is not signed, MrTrust cannot make it trusted.
|
||||
|
||||
@@ -109,4 +120,4 @@ If the target project is not signed, MrTrust cannot make it trusted.
|
||||
|
||||
## Recommended Project Integration
|
||||
|
||||
Use `docs/integration-prompt.md` in another Windows project. The prompt tells Codex or another assistant to add a visible trust check, a link or bundled copy of MrTrust, and a signing step without hiding security changes from the user.
|
||||
Use `docs/integration-prompt.md` in another Windows project. The prompt tells Codex or another assistant to add a visible trust check, a link or bundled copy of the standalone `MrTrust.exe`, and a signing step without hiding security changes from the user.
|
||||
|
||||
Reference in New Issue
Block a user