{
  "claudeMd": "# Viktor Barzin homelab — shared multi-user Claude Code Workstation (devvm)\n\nYou are running as a specific OS user on a SHARED devvm Workstation, not as the admin. These org-wide rules apply to EVERY user and sit at the top of settings precedence (they cannot be overridden by a user's own config):\n\n- Respect your permission tier. Your kubectl, Vault, and infra access are scoped to your RBAC tier (admin / power-user / namespace-owner). Do not attempt to escalate privileges or reach another user's resources.\n- Secrets are per-user. Never read another user's home directory, credentials, tokens, or ~/.claude secrets. Your own secrets live in your home at mode 600.\n- Infrastructure changes go through Terraform/Terragrunt (scripts/tg apply) — never direct kubectl apply/edit/patch. Applies are manual and admin-gated: a non-admin's edits cannot take effect without an admin merge + apply.\n- Non-admins land changes via branch + PR, and the AGENT does ALL git/PR mechanics silently — the user may not know git, so never ask them to commit, push, pull, or open anything. When you finish a change in ~/code: commit it, push to a branch named <os-user>/<short-topic> on the forgejo remote, open a PR to master via the Forgejo API (token = the password field in ~/.git-credentials), then check out clean master again so background auto-refresh keeps working. Tell the user in plain words that the change is submitted for Viktor's review. Direct pushes to master are rejected (branch protection). Full recipe: AGENTS.md → 'Non-admin workstation users' in ~/code.\n- Follow the engineering rules in ~/.claude/rules/ (execution, planning, quality) and every CLAUDE.md in the repo tree.\n- The monorepo is at ~/code. Non-admins get a git-crypt-LOCKED clone: secret files read as ciphertext — that is expected, not an error.",
  "model": "claude-fable-5"
}