The /push command is the ultimate safety guardrail mechanism ensuring humans and agents alike don’t mistakenly leak production configuration secrets or broken code to Git repositories.
It performs deep secret scanning, kicks off pre-commit build checks, constructs AI-generated Conventional Commits, and augments the tracking CHANGELOG.md.
Operation Syntax
/push [project-name] # Default: Runs Build & Test suite
/push [project-name] --quick # Skips testing phase
/push [project-name] "feat: new thing" # Manually supply a commit titleSafety Guardrail Integrations
0. Rules Pre-flight (v1.5.4)
Before any step executes, the agent re-reads .agent/rules.md from disk to restore rule context. This is part of the Defense-in-Depth Layer 3 protection — ensuring rules survive context truncation in long sessions.
1. Pre-Commit Security Audit (REQUIRED)
Scans the entire altered environment Git Tree. Executables will HALT with strict red violations if stray elements like .env, .pem, .key pop-up unfiltered outside the established exclusion scope.
2. Built-in CI Gateway
Triggers pre-compilation (e.g. npm run build) via --test. Forces fixing pipeline discrepancies up-front instead of pushing regression into the golden master copy.
3. Automated Conventional Commits
Scavenges file diffs into standard structured format feat:, fix:, docs:, refactor:. It then parses these actions cleanly inside the native [Unreleased] block of your CHANGELOG.md documentation base.