docs: strengthen AGENTS.md to reduce recurring agent error patterns (GH#948)

[superdav42]

Summary

Addresses 4 recurring tool failure patterns reported in issue #948 (contributor insight from superdav42):

• webfetch:other (39x): Added WooCommerce docs and WP Plugin Handbook to prohibited URL list in the No External URL Fetching section.
• read:file_not_found (33x): Added 4 new entries to the do-not-exist table: inc/functions.php, inc/admin.php, SECURITY.md, and coverage-html/**.
• edit:not_read_first (26x): Added concrete anti-pattern and correct-pattern code examples to the Read Before Edit section.
• bash:other (29x): Added a new Quick Session Checklist at the top of Agent Guidance that surfaces all 4 checks prominently before any code is written.

What changed

EDIT: AGENTS.md - added Quick Session Checklist section, expanded do-not-exist table, added anti-pattern examples, expanded webfetch prohibited list.

Verification

Confirming new do-not-exist entries are absent: git ls-files 'inc/functions.php' 'inc/admin.php' 'SECURITY.md' returns empty for all three.

Resolves #948

---

aidevops.sh v3.11.3 plugin for OpenCode v1.3.17 with claude-sonnet-4-6 spent 5m and 13,647 tokens on this as a headless worker.

Summary by CodeRabbit

• Documentation
  • Updated internal agent guidelines with enhanced session reliability checklists, expanded file-discovery reference tables, and clarified external URL fetching restrictions to include additional developer documentation sources and usage patterns.

[superdav42]

MERGE_SUMMARY

What was done

Strengthened AGENTS.md agent guidance to address 4 recurring tool failure patterns from issue #948.

Changes:

• Added "Quick Session Checklist" section at top of Agent Guidance with all 4 checks surfaced before any code is written
• Expanded do-not-exist table with 4 new entries: inc/functions.php, inc/admin.php, SECURITY.md, coverage-html/**
• Added concrete anti-pattern + correct-pattern code examples to Read Before Edit section
• Added WooCommerce docs and WP Plugin Handbook to the prohibited webfetch URL list

How verified

• All new do-not-exist entries confirmed absent via git ls-files
• Anti-pattern examples use real file paths that exist in the repo
• Documentation-only change; no PHP/JS code modified

Resolves #948

---

aidevops.sh v3.11.3 plugin for OpenCode v1.3.17 with claude-sonnet-4-6 spent 6m and 14,164 tokens on this as a headless worker.

[coderabbitai]

📝 Walkthrough

Walkthrough

AGENTS.md documentation updates include a new Quick Session Checklist codifying four recurring failure preventions: banning constructed URL fetching, verifying file existence via git ls-files, enforcing immediate Read→Edit sequencing per file, and checking prerequisites before running commands. File-discovery paths and external URL guidelines are expanded with additional entries and examples.

Changes

Cohort / File(s)	Summary
Agent guidance documentation AGENTS.md	Added "Quick Session Checklist" with four failure-prevention rules; expanded read:file_not_found path table with additional absence-expected paths; updated "No External URL Fetching" section to include WooCommerce docs and WP Plugin Handbook; included concrete anti-pattern and correct-pattern code snippets for Read/Edit workflow.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Possibly related PRs

• GH#943: docs(agents): expand guidance for 4 recurring error patterns from superdav42 #944: Overlapping AGENTS.md changes on read:file_not_found path checks and Read→Edit workflow enforcement.
• GH#919: docs(agents): add Agent Guidance section to address recurring error patterns #920: Shares core guidance updates on read-before-edit enforcement, webfetch bans, and git ls-files file verification.
• GH#940: docs(agents): expand bash:other guidance for WP test suite, npm build, and PHP one-liners #941: Overlaps on WordPress test-suite bootstrap prerequisite checking and verification guidance.

Suggested labels

origin:worker

Poem

🐰 Four rules to guide the path,
No webfetch wrath, git-check aftermath,
Read then edit, one at a time,
Prerequisites first—oh, what a rhyme! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately and specifically summarizes the main change: strengthening AGENTS.md documentation to address recurring agent error patterns, with direct reference to issue #948.
Linked Issues check	✅ Passed	All four objectives from issue #948 are addressed: webfetch:other (expanded prohibited URL list), read:file_not_found (expanded do-not-exist table), bash:other (Quick Session Checklist), and edit:not_read_first (anti-pattern and correct-pattern examples).
Out of Scope Changes check	✅ Passed	All changes are within scope: modifications to AGENTS.md documentation directly align with the four error patterns documented in issue #948, with no unrelated alterations.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feature/auto-20260425-163114-gh948

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

🔨 Build Complete - Ready for Testing!

📦 Download Build Artifact (Recommended)

Download the zip build, upload to WordPress and test:

• Build: ultimate-multisite
• ⬇️ Download from GitHub Actions
• ⬇️ Download without Github Account (nightly.link)

🌐 Test in WordPress Playground (Very Experimental)

Click the link below to instantly test this PR in your browser - no installation needed!
Playground support for multisite is very limitied, hopefully it will get better in the future.

🚀 Launch in Playground

Login credentials: admin / password

[coderabbitai]

🧹 Nitpick comments (1)

AGENTS.md (1)

301-316: Excellent examples that clearly demonstrate the Read→Edit sequencing requirement.

The anti-pattern and correct-pattern code blocks make the edit:not_read_first failure mode immediately understandable. The inline comment explaining why the anti-pattern fails is particularly helpful.

Optional: Specify language identifier to satisfy markdown linter.

The fenced code blocks at lines 303 and 311 trigger MD040 (fenced-code-language) warnings. Adding a text identifier would silence the linter without changing the content.

✨ Optional fix for markdown linting

Line 303:

-**Anti-pattern (causes `edit:not_read_first` failure):**
-
-```
+**Anti-pattern (causes `edit:not_read_first` failure):**
+
+```text
 Read(inc/models/class-membership.php)

Line 311:

-**Correct pattern:**
-
-```
+**Correct pattern:**
+
+```text
 Read(inc/models/class-membership.php)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@AGENTS.md` around lines 301 - 316, The fenced code blocks demonstrating the
Read→Edit sequencing (the blocks containing the lines starting with
"Read(inc/models/class-membership.php)" and the subsequent example blocks
showing the anti-pattern and correct pattern) lack a language identifier and
trigger MD040; update both fenced code blocks to use a neutral identifier (e.g.,
```text) so the examples remain unchanged but the markdown linter is satisfied.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@AGENTS.md`:
- Around line 301-316: The fenced code blocks demonstrating the Read→Edit
sequencing (the blocks containing the lines starting with
"Read(inc/models/class-membership.php)" and the subsequent example blocks
showing the anti-pattern and correct pattern) lack a language identifier and
trigger MD040; update both fenced code blocks to use a neutral identifier (e.g.,
```text) so the examples remain unchanged but the markdown linter is satisfied.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: fe727ef5-fa0c-4ccc-927c-eef94796e7b9

📥 Commits

Reviewing files that changed from the base of the PR and between 8287501 and cac1124.

📒 Files selected for processing (1)

• AGENTS.md

[github-actions]

Performance Test Results

Performance test results for 4176f25 are in 🛎️!

Note: the numbers in parentheses show the difference to the previous (baseline) test run. Differences below 2% or 0.5 in absolute values are not shown.

URL: /

Run	DB Queries	Memory	Before Template	Template	WP Total	LCP	TTFB	LCP - TTFB
0	41	37.83 MB	844.50 ms (+24.50 ms / +3% )	165.50 ms (+16.00 ms / +10% )	1059.50 ms (+31.50 ms / +3% )	2034.00 ms	1926.75 ms (-40.10 ms / -2% )	84.45 ms (+1.90 ms / +2% )
1	56	49.03 MB	943.00 ms	140.50 ms	1084.00 ms	2086.00 ms	2012.25 ms	77.75 ms