AI Agents and Git: A Marriage That Needed Rules
Letting AI agents run git commands is one of the biggest productivity unlocks available. It is also one of the biggest footgun sources. I have watched agents delete branches, rewrite history, and force push in ways that cost real time to recover from. Here are the rules I live by now.
Rule 1: Never Skip Hooks
I used to let agents use --no-verify to bypass failing hooks. That was wrong. Hooks fail for reasons. Skipping them moves the problem from pre-commit to production. Now hooks must pass for any agent-driven commit. If they fail, the agent investigates and fixes.
This rule alone caught a linter error that would have shipped silently and an environment variable typo that would have crashed a Lambda. Both found by hooks, both skipped by a careless agent before I made the rule.
Rule 2: No Destructive Operations Without Explicit Permission
git reset --hard, git push --force, git branch -D, git clean -fd. These commands destroy work. I never let agents run them as part of autonomous execution. Any destructive operation requires explicit authorization from me in the moment.
Rule 3: New Commits Over Amends
When something goes wrong, agents love to amend. That is rarely what you want. Amending can obliterate the commit you care about. The safe move is to create a new commit and, only once everything is green, consider a tidy-up. I now forbid agent-driven amends entirely.
# Rules I enforce in CLAUDE.md
NEVER use git --no-verify unless explicitly authorized
NEVER use git reset --hard without permission
NEVER use git push --force
NEVER use git commit --amend (create new commits instead)
ALWAYS stage files by name, not with `git add .`
ALWAYS write descriptive commit messages
Rule 4: Stage Files By Name
git add . sweeps in whatever is in the directory, including accidental secrets, build artifacts, and unrelated work in progress. I have agents stage files by explicit name. Slower, safer, every time.
The Meta Discipline
The common thread across these rules is: reduce the blast radius of a confused agent. Agents are confident. Confident wrong is the hardest kind of wrong to catch. Tight git discipline means that even a confused agent cannot do irreversible damage.
This is the pattern I apply everywhere now: give agents capability, but constrain the shape of that capability so mistakes stay cheap. See the git documentation for the full tool set. The rules above are about which parts of that tool set agents get to use without supervision.
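The CLAUDE.md rules are instructions to the agent; the same list can also be checked mechanically before a command runs. The following is an added example, not code from the original post: a Python check that a command wrapper could call on each agent-proposed git command. The names `parse`, `check_git_command` and `VALUE_OPTS` are hypothetical, and treating `--force-with-lease`, `+refspec` pushes and `git add -A`/`--all` as blocked is an assumption that extends the article's list.

```python
import shlex

VALUE_OPTS = {"commit": "mFCctSu", "push": "o", "branch": "u", "clean": "e"}  # short opts taking a value

def parse(cmdline):
    """Split a git command into (subcommand, long opts, short flags, positionals)."""
    argv = shlex.split(cmdline)
    args, i = argv[1:], 0
    while i < len(args) and args[i].startswith("-"):  # skip git's global options
        i += 2 if args[i] in ("-C", "-c") else 1      # -C and -c take an argument
    if not argv or argv[0] != "git" or i >= len(args):
        return None
    sub, rest = args[i], args[i + 1:]
    cut = rest.index("--") if "--" in rest else len(rest)
    opts, longs, shorts = rest[:cut], set(), set()
    for tok in opts:
        if tok.startswith("--"):
            longs.add(tok.split("=")[0])
        elif tok.startswith("-"):
            for ch in tok[1:]:                        # expand clusters such as -fd
                shorts.add(ch)
                if ch in VALUE_OPTS.get(sub, ""):     # the rest of the token is a value
                    break
    pos = [t for t in opts if not t.startswith("-")] + rest[cut + 1:]
    return sub, longs, shorts, pos

def check_git_command(cmdline):
    """Return the rule an agent-proposed command breaks, or None if it may run."""
    parsed = parse(cmdline)
    if parsed is None:
        return None
    sub, longs, shorts, pos = parsed
    force = "f" in shorts or any(o.startswith("--force") for o in longs)
    forced_delete = "D" in shorts or (force and ("d" in shorts or "--delete" in longs))
    if "--no-verify" in longs or (sub == "commit" and "n" in shorts):
        return "Rule 1: hooks must pass"
    if ((sub == "reset" and "--hard" in longs) or (sub == "clean" and force)
            or (sub == "push" and (force or any(p.startswith("+") for p in pos)))
            or (sub == "branch" and forced_delete)):
        return "Rule 2: destructive, needs explicit permission"
    if sub == "commit" and "--amend" in longs:
        return "Rule 3: create a new commit instead of amending"
    if sub == "add" and ("A" in shorts or "--all" in longs or "." in pos or "./" in pos):
        return "Rule 4: stage files by name"
    return None

if __name__ == "__main__":  # constructed sample commands, not from the article
    for cmd in ("git -C repo commit -nm wip", "git add -- .", "git commit -mnew"):
        print(f"{cmd!r}: {check_git_command(cmd) or 'allowed'}")
```

The check inspects one `git ...` command line at a time, so git aliases and git calls made inside scripts the agent runs are outside its view.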