From 196fc8e413567073a3f0caaaeb46de6e5b95fd5c Mon Sep 17 00:00:00 2001
From: ToxicCrzay270 <185776014+ToxicCrzay270@users.noreply.github.com>
Date: Tue, 19 May 2026 23:28:23 +0200
Subject: [PATCH] Apply agent kit v1.0.6 guidance

---
 .codex/project.md     | 12 ++++++++++++
 AGENTS.md             | 12 +++++++++++-
 CHANGELOG.md          |  1 +
 docs/agent-handoff.md |  5 +++--
 4 files changed, 27 insertions(+), 3 deletions(-)

diff --git a/.codex/project.md b/.codex/project.md
index 2c22bc5..fa81985 100644
--- a/.codex/project.md
+++ b/.codex/project.md
@@ -32,6 +32,16 @@ readme: manual README
 
 Do not invent commands that cannot run.
 
+Heavy project commands must run through Gitea Actions on supported Ubuntu runners once CI exists. Local checks should stay lightweight and avoid dependency installation or build artifact creation.
+
+Supported CI runner labels:
+
+```text
+ubuntu-latest
+ubuntu-24.04
+ubuntu-22.04
+```
+
 ## Stack
 
 ```text
@@ -54,6 +64,8 @@ Expected files:
 PENDING
 ```
 
+Repository-maintenance files such as `AGENTS.md`, `.codex/`, template blueprints, template workflow files, and `docs/agent-handoff.md` should not be included in user-facing release artifacts unless explicitly requested.
+
 ## Security Rules
 
 - Do not commit secrets, tokens, `.env` files, certificates, or private keys.
diff --git a/AGENTS.md b/AGENTS.md
index 9d42b26..ee41037 100644
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -7,6 +7,9 @@ Robocopy_Overhaul: Codex-ready repository baseline for a Robocopy overhaul proje
 ## Repository Rules
 
 - Start by reading `AGENTS.md` and `.codex/project.md`.
+- At task start, check for upstream repository updates and apply them with `git pull --ff-only` when the working tree is clean.
+- If local changes exist, preserve them and do not overwrite user work.
+- Conserve context tokens: use targeted searches and focused file reads instead of loading generated folders, dependency folders, build outputs, or full logs unless directly relevant.
 - Keep changes scoped to the user's request.
 - Prefer existing project patterns once application code exists.
 - Do not commit secrets, `.env` files, private keys, certificates, or tokens.
@@ -15,8 +18,12 @@ Robocopy_Overhaul: Codex-ready repository baseline for a Robocopy overhaul proje
 - Check the working tree before editing and before finishing. Preserve unrelated user changes.
 - Derive the repository owner and repository name from the target repository remote or `GITHUB_REPOSITORY`. Never reuse the owner from the template repository.
 - If `GITEA_TOKEN` is available locally, use it only for read-only Gitea API checks such as private repository metadata, package-read visibility, and Actions run status. Never print, commit, or store the token.
+- Use only supported Gitea Ubuntu runner labels for project builds, tests, audits, package jobs, installers, dependency setup, and releases: `ubuntu-latest`, `ubuntu-24.04`, or `ubuntu-22.04`.
+- Do not add Windows, macOS, self-hosted local-machine, or undocumented runner labels. If Windows-specific tooling appears necessary, document or implement an open-source Linux-compatible workaround for Ubuntu runners.
+- Do not run heavy project commands on the user's local machine. Keep local verification limited to lightweight checks such as `rg`, JSON parsing, `git diff --check`, and read-only API status checks.
 - Repository cleanup automation must be non-destructive if added later.
 - Dependency, compliance, and release dry-run automation must report findings only unless the user explicitly asks for write actions.
+- Create focused tracker issues for real follow-up work that is outside the current scope or independently parallelizable. If issue creation is unavailable, document the follow-up in `docs/agent-handoff.md`.
 
 ## Commands
 
@@ -42,11 +49,14 @@ No release artifact output directory is defined yet.
 - Keep external network calls documented.
 - Prefer local processing for user data.
 - Keep CI publishing secrets in repository or organization secrets, not in tracked files.
+- Exclude repository-maintenance files such as `AGENTS.md`, `.codex/`, template blueprints, template workflow files, and `docs/agent-handoff.md` from user-facing release, package, installer, archive, and upload artifacts unless explicitly requested.
 - Ensure `.gitignore` covers local config, build outputs, logs, temporary files, and secret material for the detected stack.
 
 ## Finish Checklist
 
 - `git diff --check` passes when the directory is a Git repository.
-- The cheapest reliable verification command has been run, or the reason it could not run is documented.
+- Lightweight local validation has been run when available and safe.
+- Project build, test, audit, package, and release verification runs through Gitea Actions on a supported Ubuntu runner, or the reason runner verification could not run is documented.
 - README, changelog, security review, and release checklist are updated when the change touches release behavior.
 - `docs/agent-handoff.md` is updated when work is interrupted, risky, or spans multiple sessions.
+- Any pushed Gitea workflow has been polled to success or a concrete blocker has been reported.
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5a7d0ff..f0458ac 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,5 +4,6 @@ All notable changes to this project are documented here.
 
 ## Unreleased
 
+- Updated agent guidance for safe upstream sync, context conservation, Gitea Ubuntu runner policy, and artifact exclusions.
 - Updated agent instructions for target-remote repository owner detection.
 - Added Codex Agent Repository Kit baseline files.
diff --git a/docs/agent-handoff.md b/docs/agent-handoff.md
index 1736aa5..58852ff 100644
--- a/docs/agent-handoff.md
+++ b/docs/agent-handoff.md
@@ -5,7 +5,7 @@ Use this file when a task spans multiple sessions, has unresolved follow-up work
 ## Current State
 
 ```text
-Codex repository baseline added and aligned with the latest kit owner-detection guidance. Implementation code, stack, commands, CI, and release artifacts are still pending.
+Codex repository baseline added and aligned with codex-agent-repository-kit v1.0.6 guidance. Implementation code, stack, commands, CI, and release artifacts are still pending.
 ```
 
 ## Changes Made
@@ -14,12 +14,13 @@ Codex repository baseline added and aligned with the latest kit owner-detection
 - Added repository security and release documentation.
 - Added baseline README and ignore rules.
 - Updated agent instructions to derive repository owner and name from the target remote.
+- Updated agent instructions for safe upstream sync, context conservation, Gitea Ubuntu runner policy, and release artifact exclusions.
 
 ## Verification
 
 | Check | Result |
 | --- | --- |
-| `git diff --check` | Pending until the directory is a Git repository |
+| `git diff --check` | PENDING |
 | lint | Not available |
 | test | Not available |
 | build | Not available |