MDBX Agent Execution Rules
This document defines guardrails for lower-capability models working on MDBX.
Primary goal
Produce outputs compatible with the full MDBX spec set. Resolve ambiguity by prioritizing:
- local-first behavior
- long-term format stability
- project-centered storage
- native attachments
- safe mergeability
- better sync behavior than KDBX
Absolute requirements
You MUST:
- read
00.MDBX-Spec-Index.mdfirst - read relevant numbered specs before proposing architecture changes
- treat this folder as the source of truth
- keep terminology stable
- keep requirements testable
- preserve backward compatibility
- preserve unknown fields during read/write
- keep secrets encrypted and authenticated at rest
You MUST NOT:
- invent new core object types without a spec update
- replace
projectwith a flat entry-only model - treat attachments as optional undocumented side files
- require a server for normal open/edit/save/import/export/merge/recover flows
- design small edits that require full-vault rewrites
- silently auto-merge conflicting values in the same secret field
Required working method
- Identify governing spec files for the task
- List affected invariants
- Design the smallest compliant solution
- Define data shape before APIs
- Define persistence before UI
- Define conflict behavior before sync code
- Define acceptance checks before done
Decision order
- security correctness
- durability and recoverability
- compatibility stability
- local-first behavior
- sync friendliness
- performance
- implementation simplicity
- UI convenience
Failure definition
A proposal fails if it:
- rewrites full vault content for tiny metadata edits
- removes
projectas first-class container - leaves attachment metadata/integrity undefined
- cannot explain concurrent edit detection
- cannot explain partial-corruption recovery
- cannot explain future compatibility behavior