MrSphay/MrTrust
1
0
Fork 0
generated from MrSphay/codex-agent-repository-kit
Code Issues Pull Requests Actions Packages Projects Releases 5 Wiki Activity
Files
01148f47037dc2d6eac1f9d5ae66b72bd8e96ce7
MrTrust/AGENTS.md
MrSphay 01148f4703
All checks were successful
Build MrTrust / build (push) Successful in 2m31s
Details
Clarify MrTrust target project integration for agents
2026-05-16 01:46:36 +02:00

1.3 KiB
Raw Blame History

Agent Instructions For MrTrust

MrTrust manages explicit Windows certificate trust for MrSphay software.

Security Boundaries

  • Do not add Defender, SmartScreen, UAC, firewall, or policy bypasses.
  • Do not add silent certificate installation.
  • Do not commit .pfx, private keys, passwords, tokens, or signing secrets.
  • Default to CurrentUser certificate stores. Use LocalMachine only when the user explicitly chooses all-user trust.
  • Keep all user-facing trust actions reversible.

Repository Layout

  • scripts/ contains the PowerShell implementation.
  • assets/certificates/ contains public certificates only.
  • private/ is ignored and may contain local signing material.
  • docs/integration-prompt.md is the prompt for adding MrTrust to other projects.
  • docs/security-model.md documents the intended behavior and limits.
  • MrTrust.exe is the user-facing standalone trust installer. The PowerShell scripts are source/build internals.

Verification

Before finishing changes, run:

$scripts = Get-ChildItem .\scripts -Filter *.ps1
foreach ($script in $scripts) {
  $tokens = $null
  $errors = $null
  [System.Management.Automation.Language.Parser]::ParseFile($script.FullName, [ref]$tokens, [ref]$errors) | Out-Null
  if ($errors) { throw $errors }
}
git diff --check
Reference in New Issue View Git Blame Copy Permalink