AI builds it working. It doesn't build it safe.

Point your coding agent at one page and it builds the secure version instead of the naive one. The migration that won't lock your table. The upload that won't leak your data. The thing you didn't know you got wrong. Free, no signup, works whether you're an engineer or not.

chrisnorthfield.com/rules

Paste that into your agent: "read chrisnorthfield.com/rules, then build it."

Want it all in one fetch? Point any agent at chrisnorthfield.com/rules/llms-full.txt.

What goes wrong

AI writes code like a brilliant junior who's read every book and shipped nothing. Confident, tidy, and quietly wrong in the ways that bite you later. It'll happily give you a database anyone can read, a form that saves your users' card numbers, a server that hands out its own cloud keys. It won't warn you, because it doesn't know to.

What this is

Fifteen years of "don't do that, do this", written down so your agent reads it before it builds. Not a course, not a framework you have to learn. A page your AI looks things up in, the way it should have all along. You bring the idea. It handles the bits that are easy once you know them, and dangerous when you don't.

See the difference

Asking your agent to make a column required, on a live table with real traffic:

Before 

ALTER TABLE users
  ALTER COLUMN email SET NOT NULL;

What your agent writes on its own. It locks the whole table while it scans every row, so nobody can read or write until it finishes. On a big table, that's downtime.

After 

ALTER TABLE users
  ADD CONSTRAINT users_email_nn
  CHECK (email IS NOT NULL) NOT VALID;

ALTER TABLE users
  VALIDATE CONSTRAINT users_email_nn;

ALTER TABLE users
  ALTER COLUMN email SET NOT NULL;

What it writes once it's read this. Same result, no table lock, no downtime.

Who it's for

If you're an engineer, it's the senior who'd have caught it in review.

If you're not, it's the safety net so the thing you're building doesn't quietly fall over or leak.

How to use it

  1. Tell your agent: read chrisnorthfield.com/rules, then build.
  2. It reads the rules first, and checks anything it's unsure about with you.
  3. It builds the safe version. That's it.

Read the rules or install the skill so your agent fetches them automatically.

This won't make you unhackable. Nothing does. It catches the common, avoidable stuff that an experienced engineer would flag and an AI won't. It's free because it should be. If something's wrong or missing, tell me and I'll fix it.