chg: dev: update project docs

Add remote server access rules to ``AGENTS.md``. Update workflow doc with clarification step and fix numbering.
2026-02-13 04:07:44 +01:00
parent 9903579b98
commit f8a5caec60
1 changed files with 11 additions and 7 deletions
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -52,19 +52,23 @@ migrations or service integrations, include coverage that exercises
 failure paths. For granular checks, `./vendor/bin/phpunit --filter
 FooTest` is acceptable, but always run the full suite before pushing.

-## Commit & Pull Request Guidelines
-
-Commits in this repo mix Conventional Commit prefixes (`new:`, `fix:`,
-`chg:`); `fix: prevent null totals`. Keep messages in the imperative
-mood and reference ticket IDs when available.
+## Pull Request Guidelines

 Pull requests must describe scope, list schema or configuration
-changes, and note any manual follow-up (cron, storage links,
-queues).
+changes, and note any manual follow-up (cron, storage links, queues).

 Attach screenshots or terminal logs when touching UI or console
 output, and ensure CI scripts (when available) pass.

+## Remote Server Access
+
+- **BLOCKING**: NEVER execute state-changing commands on remote
+  servers without explicit per-command user approval. Only READ
+  operations are allowed by default (logs, status, select queries,
+  configuration inspection). Write operations include but are not
+  limited to: `migrate`, `seed`, write queries, file modifications,
+  service restarts, deployments. No exceptions.
+
 ## Environment & Security Notes

 Copy `.env.example` to `.env` and run `php artisan key:generate`