What changed
The project clarified when AI agents may create local Git commits and how remote GitHub writes stay gated.
Decisions made
- Local commits are repository-internal work and may be created autonomously when scoped, reversible, and verified.
- The first local commit may be created after the baseline is coherent and
.gitignoreexcludes dependencies, build output, env files, and private activity logs. - Remote GitHub writes are separate approval gates.
- Push and GitHub Issue/PR or comment writes require either an active L2 autonomy class or explicit human approval.
- Releases, repository settings, Pages settings, remotes, secrets, branch protection, and history rewriting remain human approval actions.
Why it matters
Autonomous work needs a durable checkpoint. Local commits give Codex and other agents a stable baseline without silently publishing, deploying, or writing to an external service.
Approval gates
No external service was changed. No push, deployment, GitHub Issue/PR creation, account configuration, analytics setup, email sending, or monetization action was executed.