MrSphay/MrTrust
1
0
Fork 0
generated from MrSphay/codex-agent-repository-kit
Code Issues Pull Requests Actions Packages Projects Releases 5 Wiki Activity
Files
84a5df721677ca5213cd9166f77fdc17350f1974
MrTrust/AGENTS.md
MrSphay 84a5df7216
All checks were successful
Build MrTrust / build (push) Successful in 2m45s
Details
Add autonomous MrTrust target integration contract
2026-05-16 02:03:25 +02:00

1.5 KiB
Raw Blame History

Agent Instructions For MrTrust

MrTrust manages explicit Windows certificate trust for MrSphay software.

Security Boundaries

  • Do not add Defender, SmartScreen, UAC, firewall, or policy bypasses.
  • Do not add silent certificate installation.
  • Do not commit .pfx, private keys, passwords, tokens, or signing secrets.
  • Default to CurrentUser certificate stores. Use LocalMachine only when the user explicitly chooses all-user trust.
  • Keep all user-facing trust actions reversible.

Repository Layout

  • scripts/ contains the PowerShell implementation.
  • assets/certificates/ contains public certificates only.
  • private/ is ignored and may contain local signing material.
  • docs/integration-prompt.md is the prompt for adding MrTrust to other projects.
  • docs/agent-target-integration.md is the autonomous runbook for agents modifying target projects.
  • mrtrust.integration.json is the machine-readable integration contract.
  • docs/security-model.md documents the intended behavior and limits.
  • MrTrust.exe is the user-facing standalone trust installer. The PowerShell scripts are source/build internals.

Verification

Before finishing changes, run:

$scripts = Get-ChildItem .\scripts -Filter *.ps1
foreach ($script in $scripts) {
  $tokens = $null
  $errors = $null
  [System.Management.Automation.Language.Parser]::ParseFile($script.FullName, [ref]$tokens, [ref]$errors) | Out-Null
  if ($errors) { throw $errors }
}
git diff --check
Reference in New Issue View Git Blame Copy Permalink