Skip to main content

Local read-only CLI to diagnose AGENTS.md, Claude Code, Gemini CLI, Cursor and Copilot instruction files.

Project description

agent-rules-kit banner

agent-rules-kit

Local read-only Python CLI for diagnosing AGENTS.md, CLAUDE.md, GEMINI.md, Cursor rules, GitHub Copilot instructions, and other AI agent instruction files in repositories.

CI Python 3.12 Local CLI Read-only by default No LLM No network License MIT

Support with PayPal

Screenshots · Overview · Installation · Release and PyPI · Commands · Governance Findings · Safety Boundary · Quality Gates · Development Status · Maintainer Workflow · Support


Screenshots

Help and repository check

Terminal screenshot showing agent-rules-kit help output and a repository check detecting AGENTS.md

JSON and Markdown output formats

Terminal screenshot showing agent-rules-kit check output in JSON and Markdown formats

Governance findings and structured evidence

Terminal screenshot showing agent-rules-kit governance findings and structured JSON evidence

Explicit init behavior

Terminal screenshot showing init dry-run, explicit write, and backup behavior


Overview

agent-rules-kit is a local, read-only diagnostic CLI for repositories that use AI coding agents or assistant-specific instruction files.

It helps developers inspect AGENTS.md, CLAUDE.md, GEMINI.md, Cursor rules, GitHub Copilot instructions, and GitHub instruction files without network calls, LLM calls, or repository command execution.

It focuses on files such as:

  • AGENTS.md
  • CLAUDE.md
  • .claude/CLAUDE.md
  • GEMINI.md
  • .cursor/rules/*.mdc
  • .github/copilot-instructions.md
  • .github/instructions/*

The project is positioned as a doctor/lint tool for agent instruction files.

It is not:

  • a universal instruction generator;
  • a security scanner;
  • an LLM agent;
  • a repository automation bot;
  • a CI/CD security auditor;
  • a dependency vulnerability scanner.

The default behavior is read-only.


What This Project Does

v0.2.2 is published as a GitHub Release and PyPI package for agent-rules-kit. Current main reflects that published state and may include later documentation or maintenance updates.

The implemented behavior includes:

  • discovers supported AI agent instruction files;
  • reports repository-relative paths;
  • supports console, JSON, and Markdown output;
  • provides init --dry-run for planning baseline instruction files;
  • provides explicit init --write behavior for creating or replacing root AGENTS.md;
  • backs up existing root AGENTS.md before replacement;
  • redacts supported secret-like values in supported output, including finding messages, paths, and evidence payloads;
  • avoids network calls;
  • avoids LLM calls;
  • avoids executing commands from analyzed repositories.

Governance diagnostics were introduced in v0.2.0 and hardened through the published v0.2.1 release. v0.2.2 is a documentation-only public-truth patch.

These diagnostics are heuristic findings for instruction-file governance. They are meant to flag review-worthy instruction patterns, not to prove that a repository is safe.


Governance Findings

Current main evaluates the following governance finding rules, in stable evaluation order:

Rule Severity Purpose
AIRK-SYS001 warning Flags supported instruction files that cannot be analyzed as UTF-8.
AIRK-SYS002 warning Flags supported instruction file paths that are symlinks and are not analyzed.
AIRK-GOV006 warning Flags unsupported security, production-readiness, or maturity claims.
AIRK-GOV003 warning Flags guidance that appears to bypass review, CI, PRs, or safe integration.
AIRK-GOV004 warning Flags unsafe command execution guidance without an explicit confirmation boundary.
AIRK-GOV005 warning Flags runtime network, LLM, or external API dependency guidance that conflicts with local-first boundaries.
AIRK-GOV002 warning Flags missing secret-handling boundaries.
AIRK-GOV001 warning Flags missing instruction scope or authority.

Governance findings are intentionally conservative and pattern-based. They may produce false positives or false negatives, and they are not a substitute for maintainer review.

The v0.2.0 GitHub Release introduced this governance rule set. The published v0.2.1 release includes subsequent governance hardening and coverage expansion without moving the v0.2.0 tag. The published v0.2.2 release syncs public release, PyPI, and security documentation without runtime behavior changes.

For detailed rule purpose, evidence, limits, and false-positive notes, see docs/RULES.md.

For CLI output examples in console, JSON, and Markdown formats, see docs/OUTPUTS.md.


What This Project Does Not Do

agent-rules-kit does not claim to make a repository secure.

It does not:

  • prove that a repository is safe;
  • scan dependencies for vulnerabilities;
  • execute repository commands;
  • inspect private infrastructure;
  • call external APIs;
  • call an LLM;
  • modify files during check;
  • modify files during init --dry-run;
  • provide complete secret scanning;
  • replace human review.

A clean report means only that the implemented checks did not find a supported issue. It is not proof of safety, completeness, or production readiness.


Installation

v0.2.2 is published as a GitHub Release and PyPI package.

The published package can be installed from PyPI. Release publication uses PyPI Trusted Publishing from the GitHub Release workflow.

Normal CLI use

Requirements for using a published CLI release:

  • Python 3.12 or newer;
  • a Python virtual environment;
  • a published PyPI release of agent-rules-kit.

Install v0.2.2 in a virtual environment:

python -m venv .venv
.venv/bin/python -m pip install agent-rules-kit==0.2.2
.venv/bin/agent-rules-kit --version
.venv/bin/agent-rules-kit check /path/to/repository --format console

Normal CLI use does not require Ruff or any development dependency.

Development from source

Requirements for working on the repository and running local checks:

  • Python 3.12 or newer;
  • a Python virtual environment;
  • editable install with development dependencies.

Set up a local development environment from the source tree:

python -m venv .venv
.venv/bin/python -m pip install -e '.[dev]'
PATH="$PWD/.venv/bin:$PATH" ./scripts/check.sh

The development dependency group installs tools used by local checks, including Ruff. Installing only a system ruff binary is not enough for ./scripts/check.sh if the active Python cannot import the ruff module.

The source tree can also be used directly for quick CLI inspection:

PYTHONPATH=src python -m agent_rules_kit.cli --help

Release and PyPI Publishing

The v0.2.2 release was published through PyPI Trusted Publishing.

Release publishing is handled by:

.github/workflows/publish-pypi.yml

The workflow is intentionally limited:

  • it runs only when a GitHub Release is published;
  • it builds distributions in a separate build job;
  • it runs local checks before building distributions;
  • it verifies distributions with Twine before publishing;
  • it smoke-tests the wheel before publishing;
  • it uploads the built distributions as a short-lived workflow artifact;
  • it publishes through the pypi GitHub environment;
  • it grants id-token: write only to the publish job;
  • it does not use a static PyPI token, username, or password.

The published v0.2.2 package must remain verifiable by:

  • the GitHub Release tag pointing to the verified release SHA;
  • a successful PyPI publish workflow run;
  • a clean virtual environment installing and running agent-rules-kit==0.2.2 from PyPI.

Commands

Check a repository

Installed CLI usage:

.venv/bin/agent-rules-kit check /path/to/repository --format console

Source-tree development usage:

PYTHONPATH=src python -m agent_rules_kit.cli check tests/fixtures/repositories/single-agent

Example console output:

agent-rules-kit check: tests/fixtures/repositories/single-agent
Found 1 supported instruction file(s):
- AGENTS.md [agents]

JSON output

Installed CLI usage:

.venv/bin/agent-rules-kit check /path/to/repository --format json

Source-tree development usage:

PYTHONPATH=src python -m agent_rules_kit.cli check tests/fixtures/repositories/single-agent --format json

Markdown output

Installed CLI usage:

.venv/bin/agent-rules-kit check /path/to/repository --format markdown

Source-tree development usage:

PYTHONPATH=src python -m agent_rules_kit.cli check tests/fixtures/repositories/single-agent --format markdown

Init dry-run

init --dry-run shows what would happen without writing files:

PYTHONPATH=src python -m agent_rules_kit.cli init /path/to/repo --dry-run

Example behavior:

Mode: dry-run
No files will be modified.
Planned file actions:
- AGENTS.md [create] - baseline agent instruction file would be created

Init write

init --write must be requested explicitly:

PYTHONPATH=src python -m agent_rules_kit.cli init /path/to/repo --write

If root AGENTS.md already exists, it is backed up before replacement:

AGENTS.md.agent-rules-kit.bak

Output Formats

Supported check formats:

Format Purpose
console Human-readable terminal output
json Machine-readable output
markdown Markdown report output

The output format is selected with:

--format console
--format json
--format markdown

Safety Boundary

The runtime boundary is intentionally narrow.

The project must preserve these rules:

  • read-only by default;
  • no network access in runtime behavior;
  • no LLM dependency in runtime behavior;
  • no execution of commands from analyzed repositories;
  • no unsupported security guarantees;
  • secret-like values must be redacted;
  • write behavior must require explicit user intent;
  • generated or overwritten files must be handled conservatively.

Security-sensitive changes must be isolated in their own phase and covered by tests.

See:

  • SECURITY.md
  • docs/THREAT-MODEL.md

Repository Layout

.
├── .github/
│   ├── ISSUE_TEMPLATE/
│   ├── pull_request_template.md
│   └── workflows/
│       ├── ci.yml
│       └── publish-pypi.yml
├── docs/
│   ├── BUILD-PLAN.md
│   ├── OUTPUTS.md
│   ├── PRODUCT-STRATEGY.md
│   ├── RULES.md
│   ├── THREAT-MODEL.md
│   ├── V0.2-GOVERNANCE-RULES-SPEC.md
│   └── screenshots/
│       └── readme/
│           ├── agent-rules-kit-governance-findings.png
│           ├── agent-rules-kit-help-check.png
│           ├── agent-rules-kit-init-safety.png
│           └── agent-rules-kit-output-formats.png
├── scripts/
│   └── check.sh
├── src/
│   └── agent_rules_kit/
│       ├── __init__.py
│       ├── cli.py
│       ├── discovery.py
│       ├── findings.py
│       ├── governance.py
│       ├── init_plan.py
│       ├── init_write.py
│       └── redaction.py
├── tests/
├── AGENTS.md
├── CHANGELOG.md
├── CONTRIBUTING.md
├── LICENSE
├── README.md
├── SECURITY.md
├── SUPPORT.md
└── pyproject.toml

Quality Gates

Local verification is handled by:

PATH="$PWD/.venv/bin:$PATH" ./scripts/check.sh

Run this after installing development dependencies with:

.venv/bin/python -m pip install -e '.[dev]'

The local check suite verifies:

  • Python syntax;
  • unit tests;
  • Ruff lint checks;
  • UTF-8 text files;
  • LF line endings;
  • final newline;
  • no trailing whitespace;
  • Git whitespace checks.

Current verified local result on main:

./scripts/check.sh passes

The exact unit test count may change as coverage evolves. The source of truth is the current ./scripts/check.sh output and the matching GitHub Actions run for main.

CI installs project development dependencies and then runs the same local check script through GitHub Actions.

The required status check for main is:

local-checks / Python 3.12

Development Status

Current status:

  • v0.2.2 is published as a GitHub Release and PyPI package;
  • v0.2.1 remains the previous published GitHub Release and PyPI package baseline;
  • main may include post-v0.2.2 documentation or maintenance updates;
  • no stable support or API guarantee yet;
  • release tag v0.2.2 points to the verified release SHA;
  • local CLI behavior implemented;
  • governance diagnostics, structured finding evidence, and evidence redaction are implemented;
  • CI active;
  • branch protection is active with the required local-checks / Python 3.12 status check;
  • the pypi GitHub environment exists for the release publishing workflow;
  • .github/workflows/publish-pypi.yml published v0.2.2 through PyPI Trusted Publishing and remains the release publishing workflow;
  • README screenshots are generated from real local CLI commands;
  • security boundaries documented;
  • threat model documented.

For future releases, verify:

  • all intended changes for the release are merged into main;
  • no known release-blocking audit finding remains open;
  • local checks pass from a development virtual environment;
  • CI passes for the release SHA;
  • sdist and wheel build and install from clean temporary environments;
  • PyPI Trusted Publishing workflow is configured for the expected PyPI project, repository, workflow file, and pypi environment;
  • the GitHub Release publication triggers the PyPI publish workflow successfully through the pypi environment;
  • the published PyPI package installs and runs from a clean virtual environment;
  • output examples and screenshots are generated from real commands;
  • README documents normal CLI use, source-tree development use, virtual environment setup, development dependencies, and local checks;
  • README does not claim unsupported maturity;
  • SECURITY.md and CHANGELOG.md are current;
  • private vulnerability reporting status is accurately documented;
  • tag and GitHub Release point to the verified release SHA;
  • no real secrets or private data are present.

Maintainer Workflow

This repository follows a strict Always-Green workflow.

Required discipline:

  • never work directly on main after Genesis;
  • start each phase from clean, synchronized main;
  • create one branch per logical phase;
  • read real files before editing;
  • make minimal changes;
  • avoid git add .;
  • stage only expected files;
  • inspect staged diff before commit;
  • run local checks before push;
  • verify remote branch SHA after push;
  • open PR;
  • verify PR state, diff, and CI;
  • merge only after green checks;
  • use exact head SHA for merge;
  • verify main after merge;
  • verify CI on main;
  • delete local and remote phase branches.

A phase is complete only when:

main is clean
origin/main is synchronized
local checks pass
CI is green
the PR is merged
phase branches are deleted

Contributing

See CONTRIBUTING.md.

Any contribution must preserve the safety boundary documented in AGENTS.md, SECURITY.md, and docs/THREAT-MODEL.md.


Support

If this project helps you, you can support CDLAN public work here:

Support with PayPal

Support is optional. It does not change the license, support policy, or project boundaries.


License

MIT.

See LICENSE.


Scope Disclaimer

agent-rules-kit is a focused diagnostic tool for AI agent instruction files.

It is not a security product, not a general repository auditor, not a secret scanner, not an autonomous fixer, and not a replacement for maintainer review.


CDLAN · Less noise. More system.

agent-rules-kit footer wave

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

agent_rules_kit-0.2.2.tar.gz (737.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

agent_rules_kit-0.2.2-py3-none-any.whl (21.3 kB view details)

Uploaded Python 3

File details

Details for the file agent_rules_kit-0.2.2.tar.gz.

File metadata

  • Download URL: agent_rules_kit-0.2.2.tar.gz
  • Upload date:
  • Size: 737.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for agent_rules_kit-0.2.2.tar.gz
Algorithm Hash digest
SHA256 af67054f833d7d2290f630c5e4d0ce71f7eafa74e40bc0516b98a4f1a40f51cc
MD5 ce53e26356e3afe7632b2d636ee360c4
BLAKE2b-256 6671fc9259e2a0a8db27029adac6a62251dcbb7305991aed5a1ef14635f1adb9

See more details on using hashes here.

Provenance

The following attestation bundles were made for agent_rules_kit-0.2.2.tar.gz:

Publisher: publish-pypi.yml on CoderDeltaLAN/agent-rules-kit

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file agent_rules_kit-0.2.2-py3-none-any.whl.

File metadata

  • Download URL: agent_rules_kit-0.2.2-py3-none-any.whl
  • Upload date:
  • Size: 21.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for agent_rules_kit-0.2.2-py3-none-any.whl
Algorithm Hash digest
SHA256 9db614d61a8d436ed930fc7b3770e62be038057efb442d5a2c1cbc6a60e362a1
MD5 1412b3aa1fc8cf8fe8510dcb2c08f912
BLAKE2b-256 44636a6e5ad45315e91b656fac7dcb3f3ab7f71109fc40439c03b30271c31151

See more details on using hashes here.

Provenance

The following attestation bundles were made for agent_rules_kit-0.2.2-py3-none-any.whl:

Publisher: publish-pypi.yml on CoderDeltaLAN/agent-rules-kit

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page