1. Read the AI Safety Training Guide - Essential concepts for safe human-AI collaboration, including deception detection, scalable oversight, and control protocols

2. Take an AI Safety course at BlueDot Impact - Free, rigorous training programs covering AI safety fundamentals, governance, and alignment

Working with AI agents introduces risks that differ fundamentally from traditional software. Understanding these risks isn't optional - it's a prerequisite for responsible development.

Legal Notice

This repository contains dual-use research and tooling. The maintainer provides no guidance, consultation, or feature development -- whether solicited or unsolicited, compensated or uncompensated. This policy exists as a legal protection given the nature of the codebase.

• No feature requests will be accepted. Money does not change this.
• No guidance or consulting will be provided on usage, adaptation, or deployment of any component.
• No external contributions are accepted. See CONTRIBUTING.md.
• The maintainer does not seek or engage with community interaction. Public comments, issues filed by external parties, events, and news surrounding this repository or its components may be ignored without response to maintain neutrality and legal distance.
• No endorsement is implied. The existence of code in this repository does not constitute encouragement, recommendation, or endorsement of any particular use.

This repository is released under a public domain dedication. You may fork and adapt it freely. The maintainer assumes no obligation to any downstream user for any reason.

Project Philosophy

This project follows a container-first approach:

• All tools and CI/CD operations run in Docker containers for maximum portability
• Zero external dependencies - runs on any Linux system with Docker
• Self-hosted infrastructure - no cloud costs, full control over runners
• Single maintainer design - optimized for individual developer productivity, no contributors model
• Modular MCP architecture - Separate specialized servers for different functionalities

Quick Start

New to the template? Check out our Template Quickstart Guide for step-by-step customization instructions!

1. Prerequisites: Linux system with Docker (v20.10+) and Docker Compose (v2.0+)

2. Clone and setup

   git clone https://github.com/AndrewAltimit/template-repo
   cd template-repo
   # Build the Rust CLI tools (optional - pre-built binaries available in releases)
   cd tools/rust/board-manager && cargo build --release
   cd ../github-agents-cli && cargo build --release
   

3. Set API keys (if using AI features)

   export OPENROUTER_API_KEY="your-key-here"  # For OpenCode/Crush
   

4. Use with Claude Code: MCP servers are configured in .mcp.json and auto-started by Claude. See MCP Configuration for essential vs full setups.

5. Run CI/CD operations

   automation-cli ci run full  # Full pipeline
   

For detailed setup, see CLAUDE.md and Template Quickstart Guide.

AI Agents

Six AI agents for development and automation. See AI Agents Documentation for details.

Security Notice -- OpenAI/Google Disabled: OpenAI/Google integrations are disabled within PR reviews. OpenAI/Google permits government partners unrestricted use of their models. We only allow models with explicit prohibitions on mass surveillance and autonomous weapons.

| Agent | Provider | Use Case | Documentation | |-------|----------|----------|---------------| | Claude Code | Anthropic | Primary development assistant (recommended) | Setup Guide | | Codex | ~~OpenAI~~ | ~~Code generation~~ DISABLED - security risk | Setup Guide | | OpenCode | OpenRouter | Code generation | AI Code Agents | | Crush | OpenRouter | Code generation | AI Code Agents | | Gemini | ~~Google~~ | ~~Code review~~ DISABLED - security risk | Setup Guide | | GitHub Copilot | GitHub | PR review suggestions | - |

OpenCode and Crush provide equivalent code generation functionality via OpenRouter. Codex (OpenAI) and Gemini (Google) have been disabled -- see security notice above.

Security: Keyword triggers, user allow list, secure token management. See Security Model

Safety Training: Essential AI safety concepts for human-AI collaboration. See Human Training Guide

Sleeper Agents: Create and evaluate sleeper agents in order to detect misalignment and probe for deception. See Sleeper Agents Package

Agentic Git Workflow

AI agents autonomously manage the development lifecycle from issue creation through PR merge:

Issue Created → Admin Approval → Agent Claims → PR Created → AI Review → Human Merge

The Flow:

1. Issue Creation - Issues are created manually or by agents via backlog-refinement.yml, automatically added to the GitHub Projects board
2. Admin Approval - An authorized user comments [Approved][Claude] (or another agent name) to authorize work
3. Agent Claims - board-agent-worker.yml finds approved issues, the agent claims the issue and creates a working branch
4. Implementation - The agent implements the fix/feature and opens a PR
5. AI Review - pr-validation.yml triggers AI code review (Claude + OpenRouter); pr-review-monitor.yml lets agents iterate on feedback
6. Human Merge - Admin reviews and merges the PR

Security Model:

• Approval Required - Agents cannot work on issues without explicit [Approved][Agent] comment
• Authorized Users Only - Only users listed in .agents.yaml → security.agent_admins can approve
• Pattern Validation - Must use [Action][Agent] format (e.g., [Approved][Claude]) to prevent false positives
• Claim Tracking - Agents post claim comments with timestamps to prevent conflicts

See Security Documentation for the complete security model.

Reports & Research

Technical reports and guides exploring AI risks, safety frameworks, and philosophical questions. PDFs are automatically built from LaTeX source and published with each release.

Emerging Technology Risk Assessments

Scenario-based projection reports analyzing potential futures involving advanced AI systems. See Projections Documentation.

| Report | Topic | PDF | Source | |--------|-------|-----|--------| | AI Agents Political Targeting | Political violence risk | Download | LaTeX | | AI Agents WMD Proliferation | WMD proliferation risk | Download | LaTeX | | AI Agents Espionage Operations | Intelligence tradecraft | Download | LaTeX | | AI Agents Economic Actors | Autonomous economic actors | Download | LaTeX | | AI Agents Financial Integrity | Money laundering & corruption | Download | LaTeX | | AI Agents Institutional Erosion | IC monopoly erosion & verification pivot | Download | [LaTeX](docs/proj