MrSphay/MrTrust
1
0
Fork 0
generated from MrSphay/codex-agent-repository-kit
Code Issues Pull Requests Actions Packages Projects Releases 5 Wiki Activity
Files
01148f47037dc2d6eac1f9d5ae66b72bd8e96ce7
MrTrust/AGENTS.md
MrSphay 01148f4703
All checks were successful
Build MrTrust / build (push) Successful in 2m31s
Details
Clarify MrTrust target project integration for agents
2026-05-16 01:46:36 +02:00

36 lines
1.3 KiB
Markdown
Raw Blame History

# Agent Instructions For MrTrust
MrTrust manages explicit Windows certificate trust for MrSphay software.
## Security Boundaries
- Do not add Defender, SmartScreen, UAC, firewall, or policy bypasses.
- Do not add silent certificate installation.
- Do not commit `.pfx`, private keys, passwords, tokens, or signing secrets.
- Default to `CurrentUser` certificate stores. Use `LocalMachine` only when the user explicitly chooses all-user trust.
- Keep all user-facing trust actions reversible.
## Repository Layout
- `scripts/` contains the PowerShell implementation.
- `assets/certificates/` contains public certificates only.
- `private/` is ignored and may contain local signing material.
- `docs/integration-prompt.md` is the prompt for adding MrTrust to other projects.
- `docs/security-model.md` documents the intended behavior and limits.
- `MrTrust.exe` is the user-facing standalone trust installer. The PowerShell scripts are source/build internals.
## Verification
Before finishing changes, run:
```powershell
$scripts = Get-ChildItem .\scripts -Filter *.ps1
foreach ($script in $scripts) {
$tokens = $null
$errors = $null
[System.Management.Automation.Language.Parser]::ParseFile($script.FullName, [ref]$tokens, [ref]$errors) | Out-Null
if ($errors) { throw $errors }
}
git diff --check
```
Reference in New Issue View Git Blame Copy Permalink