sancho41/condado-newsletter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(policy): enforce server-side data ownership and backend LLM mediation

Browse Source 
- clarify frontend may only rely on backend-issued session token cookie for auth

- forbid frontend browser storage for domain/business data

- require backend-mediated LLM calls across agent workflows
This commit is contained in:
Gabriel Sancho
2026-03-27 02:49:16 -03:00
parent ebcea643c4
commit 11f80b9dd7
5 changed files with 23 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/agents/backend.agent.md vendored
View File

@@ -98,3 +98,5 @@ cd backend
- DO NOT put business logic in controllers.
- DO NOT put prompt construction logic outside `PromptBuilderService`.
- DO NOT modify frontend code — your scope is `backend/` only.
- DO enforce server-side persistence for all business/domain data; frontend must not be required to persist domain data.
- DO model generated test-message history as backend-owned task-related data with referential integrity and cleanup on task deletion.

5
.github/agents/frontend.agent.md vendored
View File

@@ -39,6 +39,8 @@ frontend/src/
7. **Routes:** new pages go in `src/pages/`, registered in `src/router/index.tsx`, lazy-loaded.
8. **Strings:** no hardcoded user-facing strings outside of constants.
9. **No over-engineering:** only add what is explicitly needed — no extra abstractions, helpers, or features.
10. **Data ownership:** domain/business data must stay server-side; frontend never persists entities, tasks, generated messages, logs, or similar domain data in `localStorage`, `sessionStorage`, or `IndexedDB`.
11. **LLM calls:** frontend must never call OpenAI/Ollama/Llama directly; use backend APIs only.
## TDD Cycle
@@ -59,4 +61,5 @@ frontend/src/
- DO NOT store server data in `useState`.
- DO NOT build custom UI primitives when a shadcn/ui component exists.
- DO NOT write implementation code before the failing test exists.
- DO NOT modify backend code — your scope is `frontend/` only.
- DO NOT modify backend code — your scope is `frontend/` only.
- DO NOT store business/domain data in browser storage; only the backend-issued `httpOnly` session cookie is allowed for auth state.

2
.github/agents/orchestrator.agent.md vendored
View File

@@ -159,6 +159,8 @@ Read the new version from `frontend/package.json` after bumping.
- ALWAYS verify `git status` is clean before creating the branch.
- ALWAYS use `gh pr create` (GitHub CLI) for pull requests — never instruct the user to open one manually unless `gh` is unavailable.
- If `gh` is not installed, clearly tell the user and provide the exact PR title and body to paste into the GitHub UI.
- ALWAYS enforce backend ownership of business/domain data; do not accept frontend browser storage solutions for domain persistence.
- ALWAYS enforce backend-mediated LLM calls; frontend must never call LLM providers directly.
---

2
.github/agents/planner.agent.md vendored
View File

@@ -52,6 +52,8 @@ For each step output:
- DO reference specific existing files by path when relevant (e.g., `backend/src/main/kotlin/.../EntityService.kt`).
- ALWAYS check the existing codebase before planning — never assume something doesn't exist.
- ALWAYS respect the architecture: business logic in services, thin controllers, API layer in `src/api/`, React Query for server state.
- ALWAYS enforce backend-first data ownership in plans: domain/business data persistence belongs to backend/database, not browser storage.
- NEVER plan frontend direct LLM calls; all LLM interactions must be backend-mediated endpoints.
## Delegation Hint