Hamburger Cross Icon
AI Use Guardrails - Lunar Policy for Devex Build And Ci

AI Use Guardrails

Policy Experimental Devex Build And Ci

Enforce AI coding assistant standards across your organization. Validate instruction files, naming conventions, plans directories, CI safety flags, structured output usage, and AI authorship annotations.

Add ai-use to your lunar-config.yml:
uses: github://earthly/lunar-lib/policies/ai-use@v1.0.0
Get Started View on GitHub

Included Guardrails

This policy includes 9 guardrails that enforce standards for your devex build and ci.

Guardrail

instruction-file-exists

Verifies that an agent instruction file exists at the repository root. Passes if any recognized file is found (AGENTS.md, CLAUDE.md, GEMINI.md, CODEX.md).

agents.md claude.md ai instructions agent context
View Guardrail
Guardrail

canonical-naming

Verifies the root instruction file uses the canonical vendor-neutral name (AGENTS.md by default). Repos with only CLAUDE.md pass the existence check but fail this naming check.

agents.md naming convention vendor neutral
View Guardrail
Guardrail

instruction-file-length

Validates that the root instruction file is within reasonable length bounds. Too short means insufficient context; too long wastes context window budget and can reduce AI task success rates.

agents.md length context window token budget
View Guardrail
Guardrail

instruction-file-sections

Ensures the root instruction file contains required section headings. Validates that essential information like project overview and build commands is documented for AI agents.

agents.md sections documentation structure agent context
View Guardrail
Guardrail

symlinked-aliases

Verifies that CLAUDE.md symlinks exist alongside AGENTS.md files. Claude Code does not support the AGENTS.md filename natively, so a symlink is required for compatibility. Other tools (Gemini, Codex) support AGENTS.md directly.

claude.md symlink agents.md compatibility
View Guardrail
Guardrail

plans-dir-exists

Verifies that a dedicated plans directory exists for AI agent task planning. A dedicated directory keeps AI-generated plans organized and reviewable.

ai plans agent planning task management
View Guardrail
Guardrail

ai-cli-safe-flags

Ensures AI CLI tools running in CI do not use dangerous permission-bypassing flags. Flags like --dangerously-skip-permissions (Claude), --yolo (Codex/Gemini), and --sandbox danger-full-access (Codex) remove safety guardrails.

ci safety dangerous flags permissions sandbox
View Guardrail
Guardrail

ai-cli-structured-output

Ensures AI CLI tools in CI headless mode use structured JSON output instead of plain text. JSON output makes AI automation deterministic and parseable.

json output structured output ci automation
View Guardrail
Guardrail

ai-authorship-annotated

Verifies that commits include AI authorship annotations. Supports the Git AI standard (usegitai.com) for automated line-level tracking and git trailers as a lightweight manual alternative.

ai authorship git ai code attribution ai tracking
View Guardrail

How Guardrails Fit into Lunar

Lunar guardrails define your engineering standards as code. They evaluate data collected by integrations and produce pass/fail checks with actionable feedback.

Policies support gradual enforcement—from silent scoring to blocking PRs or deployments—letting you roll out standards at your own pace without disrupting existing workflows.

Learn How Lunar Works
1
Integrations Gather Data
Collectors extract metadata from code, CI pipelines, tool outputs, and scans
2
{ } Centralized as JSON
All data merged into each component's unified metadata document
3
Guardrails Enforce Standards This Policy
Real-time feedback in PRs and AI workflows

Required Integrations

This policy evaluates data gathered by one or more of the following integration(s). Make sure to enable them in your lunar-config.yml.

Collector Code AnalysisCi Cd Required
AI Use Collector

Provides AI usage metadata from repos and CI pipelines

Configuration

Configure this policy in your lunar-config.yml.

Inputs

Input Required Default Description
canonical_filename Optional AGENTS.md The canonical (vendor-neutral) instruction filename
required_symlinks Optional CLAUDE.md Comma-separated list of symlinks required alongside the canonical file
min_lines Optional 10 Minimum number of lines for the root instruction file (0 to disable)
max_lines Optional 300 Maximum number of lines for the root instruction file (0 to disable)
max_total_bytes Optional 32768 Maximum combined bytes across all instruction files (0 to disable)
required_sections Optional Project Overview,Build Commands Comma-separated required section heading substrings (case-insensitive)
dangerous_flags_claude Optional --dangerously-skip-permissions,--allow-dangerously-skip-permissions Comma-separated dangerous flags for Claude CLI
dangerous_flags_codex Optional --dangerously-bypass-approvals-and-sandbox,--yolo,--full-auto Comma-separated dangerous flags for Codex CLI
dangerous_flags_gemini Optional --yolo,-y Comma-separated dangerous flags for Gemini CLI
min_annotation_percentage Optional 0 Minimum percentage of commits that should have AI annotations (0 = awareness mode)

Documentation

View on GitHub

AI Use Guardrails

Enforces AI coding assistant usage standards including instruction files, naming conventions, CI safety, and authorship tracking.

Overview

This policy plugin validates how AI coding assistants are used across your organization. It ensures repositories have properly structured instruction files, follow naming conventions, avoid dangerous CI flags, use structured output in automation, and track AI authorship in commits. These guardrails help teams adopt AI tools safely and consistently at scale.

Policies

This plugin provides the following policies (use include to select a subset):

Policy Description Failure Meaning
instruction-file-exists Agent instruction file must exist at repo root No AGENTS.md, CLAUDE.md, or similar file found
canonical-naming Root instruction file should use the canonical name Root file is not named AGENTS.md (vendor-neutral)
instruction-file-length Root instruction file within reasonable length bounds (set any threshold to 0 to disable) File is too short (insufficient context) or too long (wastes token budget)
instruction-file-sections Root instruction file contains required sections Missing required headings like Project Overview or Build Commands
symlinked-aliases CLAUDE.md symlinks exist alongside AGENTS.md files Missing CLAUDE.md symlink needed for Claude Code compatibility
plans-dir-exists Dedicated plans directory exists No .agents/plans/ directory found
ai-cli-safe-flags AI CLI tools in CI avoid dangerous flags Dangerous permission-bypassing flags detected (e.g. --dangerously-skip-permissions)
ai-cli-structured-output AI CLI tools in CI headless mode use JSON output Headless AI CLI invocation missing structured output flag
ai-authorship-annotated Commits include AI authorship annotations Commits lack AI usage metadata (Git AI notes or trailers)

Required Data

This policy reads from the following Component JSON paths:

Path Type Provided By
.ai_use.instructions object ai-use collector
.ai_use.plans_dir object ai-use collector
.ai_use.cicd.cmds[] array ai-use collector
.ai_use.authorship object ai-use collector

Note: Ensure the corresponding collector is configured before enabling this policy.

Installation

Add to your lunar-config.yml:

policies:
  - uses: github://earthly/lunar-lib/policies/ai-use@v1.0.0
    on: ["domain:your-domain"]
    enforcement: report-pr
    # include: [instruction-file-exists, canonical-naming]  # Only run specific checks
    # with:
    #   canonical_filename: "AGENTS.md"
    #   required_symlinks: "CLAUDE.md"
    #   min_lines: "10"            # 0 to disable
    #   max_lines: "300"           # 0 to disable
    #   max_total_bytes: "32768"   # 0 to disable
    #   required_sections: "Project Overview,Build Commands"

Examples

Passing Example

A repository with a properly configured AGENTS.md, CLAUDE.md symlink, and plans directory:

{
  "ai_use": {
    "instructions": {
      "root": {
        "exists": true,
        "filename": "AGENTS.md",
        "lines": 85,
        "sections": ["Project Overview", "Architecture", "Build Commands"]
      },
      "count": 3,
      "total_bytes": 4200,
      "directories": [
        {
          "dir": ".",
          "files": [
            { "filename": "AGENTS.md", "is_symlink": false },
            { "filename": "CLAUDE.md", "is_symlink": true, "symlink_target": "AGENTS.md" }
          ]
        }
      ]
    },
    "plans_dir": { "exists": true, "path": ".agents/plans", "file_count": 2 },
    "cicd": {
      "cmds": [
        { "cmd": "claude -p --output-format json 'review this'", "tool": "claude", "version": "1.0.20" }
      ]
    },
    "authorship": { "total_commits": 10, "annotated_commits": 8 }
  }
}

Failing Examples

No instruction file at root (fails instruction-file-exists)

{
  "ai_use": {
    "instructions": {
      "root": { "exists": false },
      "count": 0,
      "total_bytes": 0
    }
  }
}

Failure message: "No agent instruction file found at repository root (e.g. AGENTS.md, CLAUDE.md, GEMINI.md)"

Only CLAUDE.md at root, no AGENTS.md (fails canonical-naming)

{
  "ai_use": {
    "instructions": {
      "root": { "exists": true, "filename": "CLAUDE.md", "lines": 50 }
    }
  }
}

Failure message: "Root instruction file is CLAUDE.md — rename to AGENTS.md and create CLAUDE.md as a symlink (Claude Code requires the symlink)"

Dangerous CI flags detected (fails ai-cli-safe-flags)

{
  "ai_use": {
    "cicd": {
      "cmds": [
        {
          "cmd": "claude --dangerously-skip-permissions -p 'deploy to prod'",
          "tool": "claude",
          "version": "1.0.20"
        }
      ]
    }
  }
}

Failure message: "claude CI invocation uses dangerous flag: --dangerously-skip-permissions"

Remediation

instruction-file-exists

Create an AGENTS.md file at the repository root with project context for AI coding assistants. Include sections covering project overview, build commands, and testing instructions.

canonical-naming

Rename your instruction file to AGENTS.md (the vendor-neutral canonical name) and create symlinks for tool-specific names:

mv CLAUDE.md AGENTS.md
ln -s AGENTS.md CLAUDE.md

instruction-file-length

If too short: add meaningful content — project overview, architecture notes, build commands, testing patterns, and common gotchas. If too long: use progressive disclosure — keep the root file focused and create subdirectory AGENTS.md files for module-specific details. Codex hard-caps at 32KB combined. Set any threshold to "0" to disable that specific check.

instruction-file-sections

Add the missing required sections as markdown headings. Default required sections are ## Project Overview and ## Build Commands. Customize via the required_sections input.

symlinked-aliases

Create CLAUDE.md as a symlink to AGENTS.md in each directory that has an instruction file:

ln -s AGENTS.md CLAUDE.md

plans-dir-exists

Create a dedicated plans directory for AI agent task planning:

mkdir -p .agents/plans

ai-cli-safe-flags

Remove dangerous permission-bypassing flags from AI CLI invocations in CI. Use scoped permissions instead: Claude's allowedTools, Codex's execpolicy rules, or Gemini's sandbox profiles.

ai-cli-structured-output

Add structured output flags to headless AI CLI invocations in CI: --output-format json for Claude/Gemini, --json for Codex.

ai-authorship-annotated

Install Git AI for automated line-level AI authorship tracking, or add git trailers manually to commits: AI-model: claude-4, AI-tool: cursor.

Open Source

This policy is open source and available on GitHub. Contribute improvements, report issues, or fork it for your own use.

View Repository

Common Use Cases

Explore how individual guardrails work with specific integrations.

+
Instruction File Exists + AI Use Collector Verifies that an agent instruction file exists at the repository root. Passes if...
+
Canonical Naming + AI Use Collector Verifies the root instruction file uses the canonical vendor-neutral name...
+
Instruction File Length + AI Use Collector Validates that the root instruction file is within reasonable length bounds. Too...
+
Instruction File Sections + AI Use Collector Ensures the root instruction file contains required section headings. Validates...
+
Symlinked Aliases + AI Use Collector Verifies that CLAUDE.md symlinks exist alongside AGENTS.md files. Claude Code...
+
Plans Dir Exists + AI Use Collector Verifies that a dedicated plans directory exists for AI agent task planning. A...
+
Ai Cli Safe Flags + AI Use Collector Ensures AI CLI tools running in CI do not use dangerous permission-bypassing...
+
Ai Cli Structured Output + AI Use Collector Ensures AI CLI tools in CI headless mode use structured JSON output instead...
+
Ai Authorship Annotated + AI Use Collector Verifies that commits include AI authorship annotations. Supports the Git AI...

Ready to Automate Your Standards?

See how Lunar can turn your engineering wiki, compliance docs, or postmortem action items into automated guardrails with our 100+ built-in guardrails.

Works with any process
check Infrastructure conventions
check Post-mortem action items
check Security & compliance policies
check Testing & quality requirements
Automate Now
Turn any process doc into guardrails
Book a Demo