# Anti-Drift Policy

The grind repo must reflect the real implementation.

---

## Do NOT

- Document future features as complete
- Leave outdated architecture notes in any doc
- Allow staging/symlink model references to remain
- Duplicate filesystem rules outside the agent
- Add CORS to agents
- Expose agent ports through Caddy
- Reintroduce APIv1 endpoints
- Reintroduce Pterodactyl-based auth
- Use cookie-based authentication
- Use server-side portal sessions

---

## When Architecture Changes

1. Update `README.md`
2. Update `CONSTRAINTS.md`
3. Update the relevant architecture doc under `docs/architecture/`
4. Update `SESSION_LOG.md`
5. Close the thread in `OPEN_THREADS.md` if resolved

---

## Console Anti-Drift

The interactive console **MUST** remain:

- PTY-backed
- Agent-owned
- WebSocket-based
- Full duplex (input + output)

Disallowed:

- Log tailing as "console"
- Exec-per-command models
- Frontend-owned processes
- Proxmox console passthrough

---

## Upload Anti-Drift

The upload pipeline **MUST** remain:

- Streamed via raw `http.request` piping in the API
- Direct runtime write in the agent (no staging, no symlinks)
- Enforced by the agent allowlist only (the portal does not enforce security)

Disallowed:

- `fetch()` for the upload proxy
- Staging folders
- Symlink-based deployment
- API re-implementing agent filesystem policy

---

## Auth Anti-Drift

All auth must flow: `Portal → JWT → API`

Disallowed:

- CSRF token logic
- Cookie-based authentication
- APIv1 patterns
- Pterodactyl auth patterns

---

## Drift Response

If drift is detected:

1. Revert the change
2. Document why it was tempting
3. Re-apply only what serves usability and the real architecture