docs: fix guard count drift in CLAUDE.md, README, and workflow
Update security guard references from 9 to 10 (GR-SEC-010 was missing), code reviewer guards from 13 to 17 (new GR-CORE-LAYERS, GR-CORE-MODULE, GR-CORE-META, GR-UI-TAXONOMY), and total guard count from 22 to 27. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -8,7 +8,7 @@ All guard IDs (GR-\*) and gate IDs (QG-\*) from `.agents/checks/` are **binding
|
||||
|
||||
- **Full workflow trigger is risk-based** and defined in `.agents/checks/enforcement-policy.json` (`full_workflow_required_when`). Matching changes MUST follow `.agents/workflow.md` (Analyst → Planner → Executor → Reviewers → Finalizer). Read `.agents/README.md` and the relevant role prompt in `.agents/prompts/` before starting.
|
||||
- **Quick fixes** may skip full workflow only if they match `.agents/checks/enforcement-policy.json` (`quick_fix_allowlist`) and still pass required gates.
|
||||
- **New modules** MUST conform to `.agents/contracts/module-manifest.schema.json` and pass all 9 security guards (GR-SEC-001 through GR-SEC-009).
|
||||
- **New modules** MUST conform to `.agents/contracts/module-manifest.schema.json` and pass all 10 security guards (GR-SEC-001 through GR-SEC-010).
|
||||
|
||||
Full workflow definition: `.agents/workflow.md` | Guard catalog: `.agents/checks/guard-catalog.json` | Enforcement policy: `.agents/checks/enforcement-policy.json` | Guard enforcement map: `.agents/checks/guard-enforcement-map.json` | Skills: `.agents/skills/`
|
||||
|
||||
@@ -192,7 +192,7 @@ docker/ # Dockerfiles, Nginx configs, PHP configs
|
||||
|
||||
## Security (non-negotiable)
|
||||
|
||||
These rules are enforced by guards GR-SEC-001 through GR-SEC-009 in `.agents/checks/guard-catalog.json`. Any violation is a blocking finding.
|
||||
These rules are enforced by guards GR-SEC-001 through GR-SEC-010 in `.agents/checks/guard-catalog.json`. Any violation is a blocking finding.
|
||||
|
||||
- CSRF token verified on every POST (GR-SEC-001)
|
||||
- No PII or secrets in logs or audit metadata (GR-SEC-002)
|
||||
|
||||
Reference in New Issue
Block a user