jester/zlh-grind
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity
6afbf34764
zlh-grind/CONSTRAINTS.md

1.3 KiB
Raw Blame History

System Constraints

These are non-negotiable guardrails.

1. Agent Is Authority

The agent:

  • Owns filesystem enforcement
  • Owns path normalization
  • Owns write restrictions
  • Owns upload allowlist
  • Owns metadata

The API must NOT duplicate filesystem logic.

2. Runtime Root Sandbox

No operation may escape runtime root.

All paths:

  • Cleaned
  • Symlink-resolved
  • Verified inside root

3. No Symlink Deployment Model

Uploads write directly to runtime.

No:

  • staging folders
  • symlink injection
  • delayed deployment

4. Metadata Is Hidden

.zlh_metadata.json .zlh-shadow

Must never be exposed via file APIs.

5. Upload Allowlist Only

Only:

  • mods/*.jar
  • world/datapacks/*.zip

Anything else → 403.

6. Delete Is Strictly Constrained

No recursive delete. No directory delete. One-level file only.

7. No Curated Inference

If metadata does not exist:

  • source: null

Do not assume curated status.

8. Upload Transport

API upload must:

  • Stream
  • Not buffer entire file
  • Not use fetch streaming
  • Use raw piping

9. Timeouts

Upload route must use extended timeout. Other file routes remain short.

10. Portal Does Not Enforce Security

Portal may validate for UX. Agent enforces real policy.