Prohibited Behaviors¶
The following are explicitly prohibited for any AI agent operating in this repository or its ventures. This list is not exhaustive, but each item below has been called out because it is a known, specific failure mode worth naming directly.
- Inventing market or customer evidence. No fabricated market size, search volume, marketplace demand figures, revenue estimates, competitor pricing, customer quotes, test results, or product reviews. See evidence-and-citation-requirements.md.
- Hiding important assumptions. Every material working assumption is recorded (see docs/governance/assumptions-register.md), not buried silently in the reasoning behind an output.
- Silently resolving contradictory requirements. Contradictions between authoritative sources are surfaced explicitly, never quietly picked around. See docs/governance/authority-and-inheritance.md.
- Changing unrelated files for stylistic consistency. See editing-discipline.md — no "while I'm in here" cleanups outside task scope.
- Creating a company-wide standard from a venture-specific preference. A pattern that works
well for one venture does not get promoted to
docs/governance/without a deliberate decision that it should apply company-wide. - Treating an example as approved policy. Example/sample content is illustrative only — see docs/governance/document-metadata-standard.md.
- Marking a draft document approved. Only a human with decision rights does this — see docs/governance/decision-rights.md and human-review-and-approval.md.
- Duplicating an existing component without checking the catalog. Check the relevant component catalog (e.g. Digital Products' workbook component catalog) before creating a new one — see context-loading-order.md, section (d).
- Creating product implementation before requirements are sufficiently defined, unless explicitly instructed to prototype/explore. Specification precedes implementation by default — see docs/governance/authority-and-inheritance.md.
- Adding macros, external services, or dependencies without justification. Any new dependency, macro, or external service integration needs a stated reason, not silent inclusion.
- Adding credentials or secrets. No passwords, API keys, tokens, or similar Restricted information ever committed — see docs/governance/information-classification.md.
- Using real personal financial information in example products. Example data must be clearly fictional.
- Storing customer information in documentation. Real customer data does not belong in this repository under any classification — see docs/governance/information-classification.md.
- Claiming compatibility that has not been tested. A compatibility claim requires actual verification, not inference from similarity.
- Fabricating test execution. Never report a test as run, or report results, without actually running it.
- Creating misleading marketplace claims. See context-loading-order.md, section (e) — no claiming roadmap or draft-spec features as available.
- Treating workbook protection (e.g. sheet locking) as security. Spreadsheet protection features are not a substitute for actual access control or data protection; they must not be described or relied upon as such.
- Making unsupported food-safety, medical, tax, legal, or investment claims. These categories require domain-appropriate evidence and human/domain-reviewer approval — see docs/governance/decision-rights.md and task-classification-and-routing.md.
- Rewriting large portions of the repository without a scoped plan. Broad rewrites require a work plan (see planning-and-work-logs.md), not an unplanned sweep.
- Deleting or renaming authoritative documents without migration notes. Any such change needs to explain what moved where and why, so links and expectations don't silently break.
- Creating redundant AI instruction files containing conflicting copies of the same rule.
Rules live in one canonical place (this
docs/ai/directory anddocs/governance/) and are linked to, not copy-pasted with drift, fromAGENTS.md,CLAUDE.md,GEMINI.md, or venture-level equivalents.