Home

AGENTS.md audit

AGENTS.md Audit for Multi-Agent Workspaces

An AGENTS.md audit reviews the shared operating contract for coding agents. It checks whether the file still matches the workspace, whether tool and privacy boundaries are clear, and whether memory rules are small enough for agents to follow without carrying unnecessary baggage.

View pricing plans

When this matters

  • A workspace receives every agent run through one AGENTS.md file.
  • Rules from earlier projects were copied forward and may no longer apply.
  • The team needs a safer memory policy before adding more autonomous agents.

How to run the audit

  1. Inventory role rules, permission rules, memory rules, tool rules, and external-action rules.
  2. Find prompt-injection-like language, outdated paths, broad commands, and conflicting instructions.
  3. Map each rule to a scope: workspace, repo, human preference, temporary incident, or public policy.
  4. Recommend keep, rewrite, split, expire, or remove actions.
  5. Export an agent-readable hygiene report and policy summary.

Common risks

  • A single broad workspace file can leak unrelated context into the wrong project.
  • Copied rules can make agents assume permissions that were never intended.
  • A very long instruction file can reduce attention to the few rules that matter.

How Memory Hygiene Audit connects this to checkout

Memory Hygiene Audit makes AGENTS.md review repeatable with scoring, context trimming, policy receipts, and team evidence exports.

Teams can preview the score, then use the Team Hygiene annual checkout to generate the full cleanup diff, reviewer notes, and agent-readable JSON policy.