Skip to content
ZajLibrary
prod e051e98
Browse

CodeCanyon AI System kit

Resources · kit · Laravel · AI System

Companion kit for Phase 1 · Set up the AI System. Copy its contents into a fresh CodeCanyon Laravel project root, run seed.sh, fill placeholders, and restart your session — you get the full agent operating system without hand-authoring every dotfile.

What this kit is

Section titled “What this kit is”

A multi-file bundle plus seed.sh that materializes the Phase 1 AI System: cross-tool constitution (AGENTS.md), Claude permission modes with a destructive-command blocker, 32 universal rules, stack skills, and Cursor/Gemini/Codex wiring. It is the what ready-made; the playbook steps explain the why.

Which playbook steps it shortcuts

Section titled “Which playbook steps it shortcuts”

Use the kit as an alternative path through steps 3–6 after you complete steps 1–2 (project folder + machine setup):

StepTitleKit role
3Project constitutionSeeds AGENTS.md, CLAUDE.md, templates
4Claude configShips .claude/settings.json, modes, hooks
5Rules & skillsSeeds .claude/rules/ and skills
6Cursor & other IDEsShips .mcp.json, .cursor/ mirror; kit also ships .vscode/ if step 1 did not

You still must finish 7 · Verify & gate before Phase 2. Manual walkthrough: Alternative · kit + seed.sh.

Prerequisites

Section titled “Prerequisites”
  • Steps 1–2 done — project folder exists, vendor ZIP on disk, machine tools installed (create project · machine setup)
  • Terminal at the project root (where seed.sh will run)
  • bash available (macOS/Linux; WSL on Windows)

Download

Section titled “Download”

One command from your project root fetches and installs the kit — no repo clone, no manual copy:

Terminal window
curl -fsSL https://library.zajapps.com/kits/codecanyon-ai-system.tgz | tar -xz && bash seed.sh

Prefer to inspect first? Browse the kit files → (full file map + committed-vs-gitignored split), and read seed.sh after extracting, before you run it. The two steps below explain what that one-liner does.

Steps

Section titled “Steps”

1. Download + extract into the project root

Section titled “1. Download + extract into the project root”

From your project root (same level as your Laravel app/ folder), pipe the tarball through tar so seed.sh, dot-claude/, dot-mcp.json, and the rest land at the repo root:

Terminal window
curl -fsSL https://library.zajapps.com/kits/codecanyon-ai-system.tgz | tar -xz

2. Run the installer

Section titled “2. Run the installer”
Terminal window
bash seed.sh
  • Expected: printed rename log; dot-* → real dotfiles; project_context.md materialized from template

3. Fill placeholders

Section titled “3. Fill placeholders”

Replace tokens in AGENTS.md, rules, and project_context.md — see the Placeholders table. Use your secrets manager for credentials; never commit secrets.

4. Pick permission mode and restart the session

Section titled “4. Pick permission mode and restart the session”
Terminal window
./.claude/claude-mode/bin/set-claude-mode.sh medium   # strict | medium | yolo | show

Restart Claude Code / Cursor so the new .claude/ tree and rules load.

5. Verify

Section titled “5. Verify”

Run the Phase 1 gate checklist before Phase 2:

  • AGENTS.md and CLAUDE.md exist at repo root; agent reads constitution on boot
  • .vscode/settings.json excludes _source/ for Intelephense; .vscode/extensions.json present
  • .claude/settings.local.json exists (gitignored) with your chosen mode
  • Destructive-command hook blocks a test rm -rf / (see kit docs below)
  • Full gate: 7 · Verify & gate

What’s inside

Section titled “What’s inside”

After seed.sh, the project root matches the Phase 1 hub tree.

  • AGENTS.md cross-tool constitution (canonical)
  • dot-gitignore.bootstrap.example copy → .gitignore before git init (/ _source/ fully ignored; seed.sh does not write it)
  • CLAUDE.md thin pointer → AGENTS.md
  • CLAUDE.local.md.example personal env (gitignored after copy)
  • .mcp.json Laravel Boost MCP
  • Directory.vscode/
    • settings.json Intelephense excludes _source/ (committed)
    • extensions.json PHP/Laravel recommendations
    • launch.json Xdebug stub
  • .cursorignore
  • Directory.cursor/
    • rules/000-boot.mdc Cursor boot rule → constitution
    • skills/README.md placeholder — full orchestrator NOT in kit (see machine setup §5)
    • commands/deploy-codecanyon.md orchestrator stub
    • Directoryagents/ project subagents (empty)
    • hooks.json destructive-command guard
  • Directory.claude/
    • settings.json project-wide (committed)
    • settings.local.json.example personal mode (gitignored)
    • .gitignore ignores settings.local.json + backups
    • Directoryrules/ 32 universal rules + project_context template + seeder
    • skills/README.md placeholder — install full orchestrator separately (machine setup §5)
    • commands/deploy-codecanyon.md orchestrator stub
    • hooks/vendor-edit-reminder.sh advisory vendor-edit guard
    • Directoryagents/ project subagents (empty)
    • Directoryclaude-mode/ switcher + block-destructive hook + 3 presets
  • seed.sh the installer
  • MANIFEST.md full file map + committed/gitignored split

Placeholders

Section titled “Placeholders”
PlaceholderYou fill withFile
<AppName>Product / repo nameAGENTS.md, project_context.md
<LOCAL_URL>Dev URL (e.g. https://app.test)CLAUDE.local.md
Credential pointersStored in: 1Password … — never passwordsCLAUDE.local.md

The constitution (AGENTS.md)

Section titled “The constitution (AGENTS.md)”

Every agent reads this first. The canonical, tool-agnostic contract:

# AGENTS.md — <AppName>
> Cross-tool constitution. Every AI agent reads this FIRST.


## Read first (the read-set)
1. AGENTS.md   2. .claude/rules/   3. CLAUDE.local.md   4. _CUSTOMIZATIONS.md


## Safety rules (non-negotiable)
- Tinker: never CUD records without explicit approval; prefer read-only SQL.
- Vendor files: never modify vendor/; log deviations in _CUSTOMIZATIONS.md.
- Migrations: guard with hasTable/hasColumn; never fresh|wipe|reset on shared data.
- .env: always double-quote values (special chars truncate unquoted).
- Secrets: never echo secret chars into a session; use the secrets manager.
- Post-change: run `git diff --name-only` and report before committing.

Permission modes + the hard-block hook

Section titled “Permission modes + the hard-block hook”

claude-mode/ ships three presets and a switcher. The PreToolUse hook runs above the permission system — it blocks destructive commands even in bypassPermissions (yolo) mode:

Terminal window
./.claude/claude-mode/bin/set-claude-mode.sh medium   # strict | medium | yolo | show


# the hook hard-blocks (exit 2) regardless of mode:
echo '{"tool":"Bash","input":{"command":"rm -rf ./DO_NOT_CREATE_CONFIRM_HOOK_TEST"}}' \
  | ./.claude/claude-mode/hooks/block-destructive.sh   # → BLOCKED, exit 2
ModedefaultModeUse when
strictplanSecurity/deploy/review — read-only
mediumacceptEditsDefault for active dev
yolobypassPermissionsLocal refactors — never prod/real creds

Universal rules (.claude/rules/)

Section titled “Universal rules (.claude/rules/)”

32 committed rules — behavioral (feedback_*) and reference (reference_*) — loaded at every session start: vendor-handling traps, the ZAJ:BEGIN/END customization-ownership system, Laravel execution patterns, secret/Stripe safety, i18n gotchas, and the rule-persistence protocol. See the rules & skills step for the full catalog.

Troubleshooting

Section titled “Troubleshooting”

seed.sh fails on rename

Section titled “seed.sh fails on rename”

Ensure you run from the project root and no conflicting dotfiles already exist. Move or merge manually, then re-run.

Agent does not load new rules

Section titled “Agent does not load new rules”

Restart the IDE session after seed.sh — rules are read at session start, not mid-chat.

Full walkthrough

Section titled “Full walkthrough”

The seven Phase 1 steps explain every file and the reasoning behind it:

  1. Create the project & code
  2. Machine setup
  3. Project constitution
  4. Claude config
  5. Rules & skills
  6. Cursor & other IDEs
  7. Verify & gate