CHEATSHEET · 01AI-native dev · master cheatsheet
The agentic dev loop
- ·READ — gather context with a read-only / plan permission mode
- ·PLAN — write a checklist BEFORE any edits (saved to a file, not vibes)
- ·EDIT — implement strictly against the checklist; one step at a time
- ·VERIFY — run tests + lint + type-check; failure re-enters PLAN, not EDIT
- ·Loop until verify passes; never merge while red
Where rules live (highest precedence first)
- ·User-typed message at this turn
- ·Slash-command / skill body for an explicit command
- ·AGENTS.md / CLAUDE.md / cursor.rules at repo root
- ·Subdirectory-scoped CLAUDE.md (e.g. apps/web/CLAUDE.md)
- ·Personal global rules (~/.claude/CLAUDE.md)
- ·Default system prompt
Permission scopes (cheapest → most powerful)
- ·plan / read-only — no writes, no shell, just analysis
- ·acceptEdits — write/edit files, no shell
- ·acceptShell (allowlisted) — shell limited to a regex allow-list
- ·auto / yolo — full shell, full edit. Use only with sandboxed exec
- ·Always pair auto-mode with a Docker sandbox + secrets-scanning hook
When to reach for which agent (2026 picks)
- ·Long-horizon refactor / multi-day ticket → Devin or Claude Code with skills
- ·Pair-mode 'tab to apply' edits in your IDE → Cursor Agent / Windsurf
- ·CLI / monorepo / Unix shell heavy → Claude Code, Codex CLI, Aider
- ·Self-hosted / open-source backbone → Cline (VS Code) + Ollama + gpt-oss
- ·TDD-first / git-native → Aider remains best-in-class
- ·Async PR closer (Slack/Linear → PR) → Devin, Cosine, OpenAI Codex Cloud
CHEATSHEET · 02Project rules · battle-tested CLAUDE.md / AGENTS.md template
Mandatory sections (every repo)
- ·Project description: 2-3 sentences, what this repo IS
- ·Build / test / lint commands: copy-pasteable, no 'see README'
- ·Coding conventions: naming, file layout, imports, error style
- ·DO / DO NOT lists: bug history distilled into rules
- ·External services: which DBs, queues, APIs are in play
High-leverage sections (most repos)
- ·Permission boundaries: where agent can/cannot edit
- ·Verification gate: exact command that defines 'green'
- ·Common gotchas: 'when X breaks, check Y first'
- ·Linked references: ADRs, runbooks, incident postmortems
- ·Example commits: a 1-line link to a 'good PR' from this repo
Anti-patterns (delete on sight)
- ·'Be helpful' / 'think step by step' — the model already does this
- ·Generic style guides — link, don't paste
- ·Stale TODOs from 6 months ago
- ·Long lists of 'don't' without WHY — agents need the why
- ·Anything contradicted by the actual code (delete or fix the code)
Hooks that pay for themselves
- ·PreToolUse: block bash matching `rm -rf|curl.*|.*\$\(`
- ·PostToolUse Edit/Write: run prettier/black on the edited file
- ·PostToolUse Edit/Write: type-check the changed module
- ·Stop: print test summary + delta-coverage to the conversation
- ·PreCompact: dump current TODO list + file list so context survives