DenisSergeevitch/agents-best-practices

A leash for your agent: runtime rules that keep LLMs from going rogue

A provider-neutral skill that teaches Codex and Claude Code to design harnesses where the model proposes and the runtime decides.


What it does

This is a packaged “Agent Skill” — a bundle of reference docs and trigger rules that installs into Codex or Claude Code. When a conversation touches agent architecture, tool permissions, or production readiness, the skill activates and guides the model toward designing disciplined harnesses rather than vague prompt soup. It generates MVP blueprints, audits existing loops, and designs narrow typed tools with permission gates.

The interesting bit

The core insight is almost boring, which is why most people skip it: the model should propose, but the harness must validate, authorize, execute, and record. The skill encodes this as a concrete loop — context builder → model call → schema validation → permission check → execution or pause → structured observation — and makes the agent apply it to whatever domain you name. It treats “boring” runtime plumbing as the actual product.

Key highlights

  • Provider-neutral: works with OpenAI, Anthropic, and compatible APIs via a single SKILL.md entrypoint
  • Fourteen reference docs covering loops, compaction, caching, evals, checklists, and connector governance
  • Risk-class-based permissions: reads, drafts, writes, and destructive actions follow separate paths with approval records outside the prompt
  • Install via npx skills add, manual clone, or by asking your agent to do it
  • Explicitly not a multi-agent framework; starts with single-agent MVPs and expands only after measured failures
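
A minimal sketch of one turn of that loop, added here as an illustration and not taken from the repository (which ships no code). The tool names, the `step` and `validate` helpers, and the policy that reads and drafts run automatically while writes and destructive actions pause for approval are all assumptions.

```python
import json
from enum import Enum

Risk = Enum("Risk", "READ DRAFT WRITE DESTRUCTIVE")

# Hypothetical registry: tool name -> (risk class, typed arg schema, handler)
TOOLS = {
    "read_ticket": (Risk.READ, {"ticket_id": int}, lambda a: {"ticket": a["ticket_id"]}),
    "draft_reply": (Risk.DRAFT, {"ticket_id": int, "text": str}, lambda a: {"draft": a["text"]}),
    "close_ticket": (Risk.WRITE, {"ticket_id": int}, lambda a: {"closed": a["ticket_id"]}),
    "delete_ticket": (Risk.DESTRUCTIVE, {"ticket_id": int}, lambda a: {"deleted": a["ticket_id"]}),
}

def validate(proposal):
    """Schema validation: known tool, exact argument names, exact types."""
    if not isinstance(proposal, dict) or proposal.get("tool") not in TOOLS:
        return "unknown tool"
    schema, args = TOOLS[proposal["tool"]][1], proposal.get("args")
    if not isinstance(args, dict) or set(args) != set(schema):
        return "argument names do not match schema"
    for name, typ in schema.items():
        if type(args[name]) is not typ:  # strict: a bool is not accepted as an int
            return f"argument {name!r} must be {typ.__name__}"
    return None

def step(raw_model_output, approvals, audit_log):
    """One harness turn: validate -> authorize -> execute or pause -> record."""
    try:
        proposal = json.loads(raw_model_output)
    except json.JSONDecodeError:
        proposal = None
    error = validate(proposal)
    if error:
        observation = {"status": "rejected", "reason": error}
    else:
        tool, args = proposal["tool"], proposal["args"]
        risk, _, handler = TOOLS[tool]
        # Approval records live in runtime state keyed by the exact call,
        # so nothing the model writes into its output can grant approval.
        key = (tool, json.dumps(args, sort_keys=True))
        if risk in (Risk.WRITE, Risk.DESTRUCTIVE) and key not in approvals:
            observation = {"status": "paused", "reason": f"{risk.name} action needs approval"}
        else:
            observation = {"status": "ok", "result": handler(args)}
    audit_log.append({"proposal": raw_model_output, "observation": observation})
    return observation  # structured observation fed back into the next context
```

Because `validate` requires the argument names to match the schema exactly, a proposal that smuggles in a field such as `"approved": true` is rejected instead of being treated as consent.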

Caveats

  • The README is clear about what this is not: it won’t replace runtime authorization, sandboxing, or audit logs
  • No code to run — this is documentation and prompt scaffolding, not a library
  • Effectiveness depends on how well the host agent (Codex/Claude Code) actually follows the skill’s trigger rules

Verdict

Grab this if you’re building or auditing agentic systems and want your AI assistant to think in terms of harnesses, budgets, and permission gates rather than clever prompts. Skip it if you’re looking for a drop-in runtime framework — this teaches design patterns, it doesn’t execute them.
