Context
AGENTS.md gives repositories a place to tell coding agents how to work safely and effectively in a codebase.
As coding agents become more autonomous, many repositories will need to specify not only style and workflow rules, but also the checks that generated code must pass before a human reviews it.
Problem
Agent-authored changes can fail in predictable ways:
- tests not run;
- generated files committed accidentally;
- secrets or local paths leaked;
- package artifacts include unintended files;
- dependency changes are made without justification;
- security scanners are skipped;
- docs/examples drift from code;
- risky commands are run without permission.
Different repositories can describe these expectations manually, but a common recommended section would make AGENTS.md more useful across tools and projects.
Proposal
Would it make sense to document an optional section for generated-code safety checks?
For example:
## Generated-code safety checks
Before submitting changes, agents should:
- run the project test command: `<command>`;
- run lint/type checks: `<command>`;
- inspect generated/package artifacts: `<command>`;
- check for secrets or local-only paths: `<command>`;
- avoid committing files matching: `<patterns>`;
- summarize dependency changes and why they are needed;
- state which checks could not be run.
The section would remain optional and project-specific. The value would be giving maintainers a predictable place to encode safety expectations.
Use cases
- More reliable agent-generated PRs.
- Easier human review.
- Better behavior across multiple coding agents.
- Standard place to document project-specific safety gates.
- Reduced accidental commits of generated artifacts, local files, or secrets.
Non-goals
- Defining one universal safety policy.
- Requiring every repository to use the section.
- Replacing CI.
- Preventing maintainers from using their own structure.
Open questions
- Is this too prescriptive for the current scope of AGENTS.md?
- Should this live in the main example, advanced guidance, or a recipe?
- Should there be separate sections for "must run", "should run", and "state if unable to run"?
- Are there existing conventions this should align with?
Context
AGENTS.mdgives repositories a place to tell coding agents how to work safely and effectively in a codebase.As coding agents become more autonomous, many repositories will need to specify not only style and workflow rules, but also the checks that generated code must pass before a human reviews it.
Problem
Agent-authored changes can fail in predictable ways:
Different repositories can describe these expectations manually, but a common recommended section would make
AGENTS.mdmore useful across tools and projects.Proposal
Would it make sense to document an optional section for generated-code safety checks?
For example:
The section would remain optional and project-specific. The value would be giving maintainers a predictable place to encode safety expectations.
Use cases
Non-goals
Open questions