v1.7.0 — Trust & Safety section + protocol hardening

@yeasy yeasy released this 02 Jun 04:34

What's new in v1.7.0

A backward-compatible refinement of the AGENTS.md protocol, informed by an external best-practice review (the agents.md spec, OpenAI/Anthropic/OWASP guidance, and self-evolving-agent research). The meaning of existing rules is unchanged.

Trust & Safety — new top-level section

The trust/security model moves out of the Startup checklist into its own prominent section and gains:

  • Explicit instruction precedence: the user's current message > this file > the nearest nested AGENTS.md; no instruction file overrides the safety, confirmation, and permission rules.
  • Honest framing of injection defense: the priority tiers are a best-effort heuristic, not a security boundary — in-context confirmation plus the runtime's own permission/sandbox controls are the real enforcement layer.
  • Executable guards: for any rule that must not be violated, prefer an executable guard (test, hook, sandbox, permission boundary) over text alone.
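As an added illustration of the precedence and executable-guard points above (example code, not part of agentgo or its AGENTS.md templates): a small resolver that merges rule layers in the stated order and enforces, in code rather than text, that no instruction file overrides the protected categories. Rule names of the form `category.name`, the conservative choice that a nested file may not set protected categories at all, and the handling of a conflicting user-message value as "hold for in-context confirmation" are assumptions of this example.

```python
"""Added example: an executable guard for the v1.7.0 instruction-precedence rule."""
from dataclasses import dataclass

# Categories the release notes say no instruction file may override.
PROTECTED_CATEGORIES = {"safety", "confirmation", "permission"}

# Layers in ascending precedence: nested AGENTS.md < root AGENTS.md < user message.
PRECEDENCE = ("nested_agents_md", "root_agents_md", "user_message")
INSTRUCTION_FILES = {"nested_agents_md", "root_agents_md"}


@dataclass(frozen=True)
class Rejection:
    layer: str
    rule: str
    reason: str


def resolve(layers: dict[str, dict[str, str]]) -> tuple[dict[str, str], list[Rejection]]:
    """Merge rule layers so higher precedence wins, except for protected categories.

    Rules are named "category.name" (assumption). A protected rule may only be set
    by the root AGENTS.md: a nested file's value is rejected outright (conservative
    reading: it can neither override nor add to protected categories), and a
    conflicting user-message value is not applied but recorded as needing
    in-context confirmation (assumed behaviour, matching the notes' framing that
    confirmation, not text, is the enforcement layer).
    """
    effective: dict[str, str] = {}
    rejected: list[Rejection] = []
    for layer in PRECEDENCE:
        for rule, value in layers.get(layer, {}).items():
            category = rule.split(".", 1)[0]
            if category in PROTECTED_CATEGORIES and layer != "root_agents_md":
                reason = ("instruction file cannot override protected rule"
                          if layer in INSTRUCTION_FILES else "requires in-context confirmation")
                rejected.append(Rejection(layer, rule, reason))
                continue
            effective[rule] = value  # later (higher-precedence) layers overwrite earlier ones
    return effective, rejected


if __name__ == "__main__":
    # Constructed sample layers, not taken from any real repository.
    sample = {
        "nested_agents_md": {"style.indent": "tabs", "permission.shell": "unrestricted"},
        "root_agents_md": {"style.indent": "spaces", "permission.shell": "ask",
                           "safety.destructive_git": "forbid"},
        "user_message": {"style.indent": "tabs", "safety.destructive_git": "allow"},
    }
    rules, held = resolve(sample)
    print(rules)
    for r in held:
        print(f"REJECTED {r.layer}: {r.rule} ({r.reason})")
```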

Hard Constraints

  • Least privilege: use only the minimum credentials, tokens, tool access, and scopes the task needs.

Self-Evolution

  • The numeric promote/demote thresholds are now framed as tunable defaults, not validated constants, with a human-gated fallback when no reliable outcome ledger exists.
  • Added a per-session overfitting check so a single session does not overfit the protocol to one-off events.

Docs

  • README (EN/ZH) security FAQ repointed to the new Trust & Safety section.

Both language templates (AGENTS.md, AGENTS.zh-CN.md) stay in sync (10 sections each).


Pin this release: curl -fsSL https://raw.githubusercontent.com/yeasy/agentgo/v1.7.0/AGENTS.md -o AGENTS.md