docs: rename CLAUDE.md to AGENTS.md and rebrand provider-agnostic

Delete CLAUDE.md in favor of AGENTS.md as the orientation doc, rebrand the project from Codex-bottle to provider-agnostic bot-bottle, and repoint every CLAUDE.md reference across PRDs, research notes, the implementer agent example, and the yaml_subset comment. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-05-28 20:32:35 -04:00
parent e641bacf2d
commit 18e3b62b72
13 changed files with 21 additions and 72 deletions
@@ -415,7 +415,7 @@ cannot smuggle a stolen token through this path.
 The proxy binary. Two real options:

 - **Python (stdlib)** — `http.server` + `urllib`/`http.client`,
-  no new pip packages. Matches CLAUDE.md's "Python, stdlib-first,
+  no new pip packages. Matches AGENTS.md's "Python, stdlib-first,
  low-deps" posture. SSE pass-through is fiddly but doable.
 - **Go single binary** — cleaner SSE story, smaller runtime,
  one static binary in a scratch/distroless image. New build
@@ -24,7 +24,7 @@ no `bottles/` subdirectory, period.
 The YAML we accept is bounded (flat keys → strings, lists, simple
 nested dicts), so the parser is hand-rolled and stdlib-only — no
 PyYAML dependency. The project's "low deps by default" stance
-(CLAUDE.md) stays intact.
+(AGENTS.md) stays intact.

 ## Problem

@@ -70,4 +70,4 @@ It's still the wrong placement for five reasons:
 - PRD 0014 — cred-proxy block remediation.
 - PRD 0015 — pipelock block remediation.
 - PRD 0016 — capability block remediation.
- `CLAUDE.md` — project non-goal on agent-to-agent communication; this PRD stays on the human→agent side of that line.
+- `AGENTS.md` — project non-goal on agent-to-agent communication; this PRD stays on the human→agent side of that line.
@@ -201,7 +201,7 @@ The feature is **done** when all of the following ship:
  smolmachines-capable host. The suite is updated to skip cleanly
  on hosts that can't reach smolmachines (same shape as the
  existing `GITEA_ACTIONS == "true"` skip), not to fail.
- README + `CLAUDE.md` updated to document the env-var selection,
+- README + `AGENTS.md` updated to document the env-var selection,
  the macOS-only scope for v1, and the `smolvm` install
  prerequisite.

@@ -123,7 +123,7 @@ The feature is **done** when all of the following ship:
  - Integration: existing PRD 0001 / 0008 / 0013 / 0017
    integration tests run against the bundle and pass.
  - Integration: PRD 0022 sandbox-escape suite stays green.
- `CLAUDE.md` updated to describe the bundle and the
+- `AGENTS.md` updated to describe the bundle and the
  daemons-inside layout.

 ## Non-goals
@@ -173,7 +173,7 @@ The feature is **done** when all of the following ship:
 - Test updates: unit and integration tests that probe the
  four-container shape get rewritten against the one-container
  shape.
- README + CLAUDE.md doc updates.
+- README + AGENTS.md doc updates.

 ### Out of scope

@@ -399,7 +399,7 @@ rewrite.
   PRD 0022 stays green.
 5. **Docs + flag removal.** Flip the default, remove the
   feature flag, delete `Dockerfile.{egress,git-gate,supervise}`,
-   update README + CLAUDE.md.
+   update README + AGENTS.md.

 ## Open questions

@@ -130,7 +130,7 @@ preserves this format.
 **Pros**

 - Zero migration cost.
- Stdlib parser; no new dependency. The project's CLAUDE.md sets
+- Stdlib parser; no new dependency. The project's AGENTS.md sets
  "low dependencies by default" as a guideline.
 - Stable, predictable parse semantics. No type-coercion gotchas.
 - Tooling everywhere — IDE support, linters, jq.
@@ -162,7 +162,7 @@ ruamel.yaml).

 - **New runtime dependency.** The project today uses zero
  third-party Python packages for production code; YAML parsing
-  pulls in PyYAML. (CLAUDE.md: "Python, stdlib-first; low-deps by default.")
+  pulls in PyYAML. (AGENTS.md: "Python, stdlib-first; low-deps by default.")
 - YAML's footguns: indentation sensitivity, the Norway problem
  (`country: NO` → boolean False), implicit type coercion that's
  surprised non-trivial production projects.
@@ -734,7 +734,7 @@ Key PRD scope for this work:
 - Add a dnsmasq configuration step: install dnsmasq in the Dockerfile, configure
  it to serve only allowlisted names, and set `--dns 127.0.0.1` in `docker run`.
 - Block outbound UDP port 53 to non-dnsmasq resolvers in the iptables rules.
- Document the `--cap-add` changes in `CLAUDE.md` under security.
+- Document the `--cap-add` changes in `AGENTS.md` under security.

 ### Tier 2 (v2, higher isolation): smokescreen sidecar

@@ -486,7 +486,7 @@ plausibly run pipelock on the host and skip Docker entirely.
 ### Where bot-bottle does work pipelock does not

 The redundancy argument breaks down once the actual goals from
-`CLAUDE.md` are enumerated:
+`AGENTS.md` are enumerated:

 1. **Filesystem isolation that survives a misbehaving agent.** Docker
   containers give an entire kernel-mediated mount namespace and a separate
@@ -584,7 +584,7 @@ some other way. That is not the use case the project was built for.

 2. **Does the pipelock Docker image introduce supply-chain risk?**
   Pulling `ghcr.io/luckypipewrench/pipelock:latest` brings in a binary
-   from an unvetted source. Pinning by digest (as the CLAUDE.md recommends
+   from an unvetted source. Pinning by digest (as the AGENTS.md recommends
   for supply-chain hygiene) and building from source are both options.

 3. **What is the actual DLP false-positive rate for the secrets bot-bottle
@@ -223,7 +223,7 @@ scope and the manifest example carries `/Users/didericis` paths:
   right v2.
 3. **Firecracker only if** bot-bottle's deployment target settles on
   self-hosted Linux, not laptops — at which point the "non-goal:
-   self-hosted VMs" line in `CLAUDE.md` flips and the project's
+   self-hosted VMs" line in `AGENTS.md` flips and the project's
   identity changes.

 The pipelock egress design ports across all of these, so none of this