chore: add AGENTS.md for AI-assisted development

[ulises-jeremias]

Document key commands, tech stack, and code style conventions for AI development tools.

Summary by CodeRabbit

• Documentation
  • Added comprehensive instruction documentation for the CLI tool, outlining its project scaffolding purpose, technical requirements, standard development scripts, and code quality expectations.

[coderabbitai]

📝 Walkthrough

Walkthrough

A new AGENTS.md documentation file is added containing instruction specifications for the create-node-app CLI tool, detailing its purpose, required tech stack (TypeScript, Node.js 22+, pnpm 10+, Turborepo), example npm scripts, and code style conventions (ESLint flat config, Prettier, TypeScript strict mode).

Changes

Cohort / File(s)	Summary
Documentation AGENTS.md	Adds agent instruction documentation specifying the create-node-app CLI tool's purpose, technology stack, npm scripts, and code style expectations for developers and AI agents.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 wiggles nose

A guide for agents, clear and bright,
Instructions penned with all the might,
For scaffolding projects, swift and true,
TypeScript, pnpm, Turborepo too! 📝✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and concisely describes the main change: adding an AGENTS.md file for AI-assisted development documentation.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/add-agents-md

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

❌MegaLinter analysis: Error

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ REPOSITORY	gitleaks	yes		no	no	3.48s
✅ REPOSITORY	git_diff	yes		no	no	0.02s
❌ REPOSITORY	osv-scanner	yes		22	no	3.75s
✅ REPOSITORY	secretlint	yes		no	no	1.14s
✅ REPOSITORY	syft	yes		no	no	2.63s
✅ REPOSITORY	trufflehog	yes		no	no	4.13s

Detailed Issues

❌ REPOSITORY / osv-scanner - 22 errors

Scanning dir .
Warning: plugin transitivedependency/pomxml can be risky when run on untrusted artifacts. Please ensure you trust the source code and artifacts before proceeding.
Starting filesystem walk for root: /
Scanned tools/danger/package-lock.json file and found 161 packages
Scanned package-lock.json file and found 587 packages
End status: 47 dirs visited, 219 inodes visited, 2 Extract calls, 41.015357ms elapsed, 41.015578ms wall time
Filtered 7 local/unscannable package/s from the scan.

Total 17 packages affected by 22 known vulnerabilities (1 Critical, 6 High, 13 Medium, 2 Low, 0 Unknown) from 1 ecosystem.
21 vulnerabilities can be fixed.

+-------------------------------------+------+-----------+-------------------------------------+---------+---------------+--------------------------------+
| OSV URL                             | CVSS | ECOSYSTEM | PACKAGE                             | VERSION | FIXED VERSION | SOURCE                         |
+-------------------------------------+------+-----------+-------------------------------------+---------+---------------+--------------------------------+
| https://osv.dev/GHSA-3p68-rc4w-qgx5 | 6.3  | npm       | axios                               | 1.13.6  | 1.15.0        | package-lock.json              |
| https://osv.dev/GHSA-fvcv-3m26-pcqx | 4.8  | npm       | axios                               | 1.13.6  | 1.15.0        | package-lock.json              |
| https://osv.dev/GHSA-f886-m6hf-6m8v | 6.5  | npm       | brace-expansion                     | 2.0.2   | 2.0.3         | package-lock.json              |
| https://osv.dev/GHSA-r4q5-vmmm-2653 | 6.9  | npm       | follow-redirects                    | 1.15.11 | 1.16.0        | package-lock.json              |
| https://osv.dev/GHSA-3v7f-55p6-f55p | 5.3  | npm       | picomatch                           | 2.3.1   | 2.3.2         | package-lock.json              |
| https://osv.dev/GHSA-c2c7-rcm5-vvqj | 7.5  | npm       | picomatch                           | 2.3.1   | 2.3.2         | package-lock.json              |
| https://osv.dev/GHSA-3v7f-55p6-f55p | 5.3  | npm       | picomatch (dev)                     | 4.0.3   | 4.0.4         | package-lock.json              |
| https://osv.dev/GHSA-c2c7-rcm5-vvqj | 7.5  | npm       | picomatch (dev)                     | 4.0.3   | 4.0.4         | package-lock.json              |
| https://osv.dev/GHSA-48c2-rrv3-qjmp | 4.3  | npm       | yaml (dev)                          | 2.8.1   | 2.8.3         | package-lock.json              |
| https://osv.dev/GHSA-h5c3-5r3r-rr8q | 5.3  | npm       | @octokit/plugin-paginate-rest (dev) | 2.21.3  | 9.2.2         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-rmvr-2pp2-xj38 | 5.3  | npm       | @octokit/request (dev)              | 5.6.3   | 8.4.1         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-xx4v-prfh-6cgc | 5.3  | npm       | @octokit/request-error (dev)        | 2.1.0   | 5.1.1         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-vpq2-c234-7xj6 | 3.3  | npm       | @tootallnate/once (dev)             | 2.0.0   | 3.0.1         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-grv7-fg5c-xmjg | 7.5  | npm       | braces (dev)                        | 3.0.2   | 3.0.3         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-fjxv-7rqg-78g4 | 9.4  | npm       | form-data (dev)                     | 4.0.0   | 4.0.4         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-869p-cjfg-cm3x | 7.5  | npm       | jws (dev)                           | 3.2.2   | 3.2.3         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-952p-6rrq-rcjv | 5.3  | npm       | micromatch (dev)                    | 4.0.5   | 4.0.8         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-8g77-54rh-46hx | 8.9  | npm       | parse-git-config (dev)              | 2.0.3   | --            | tools/danger/package-lock.json |
| https://osv.dev/GHSA-3v7f-55p6-f55p | 5.3  | npm       | picomatch (dev)                     | 2.3.1   | 2.3.2         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-c2c7-rcm5-vvqj | 7.5  | npm       | picomatch (dev)                     | 2.3.1   | 2.3.2         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-6rw7-vpxm-498p | 6.3  | npm       | qs (dev)                            | 6.12.0  | 6.14.1        | tools/danger/package-lock.json |
| https://osv.dev/GHSA-w7fw-mjwx-w883 | 3.7  | npm       | qs (dev)                            | 6.12.0  | 6.14.2        | tools/danger/package-lock.json |
+-------------------------------------+------+-----------+-------------------------------------+---------+---------------+--------------------------------+

See detailed reports in MegaLinter artifacts
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

Show us your support by starring ⭐ the repository

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@AGENTS.md`:
- Around line 16-24: The docs show npm commands but the repo standard is pnpm
10+; update the example commands in AGENTS.md by replacing the three occurrences
of "npm run build", "npm run test:all", and "npm run lint" with the pnpm
equivalents "pnpm build", "pnpm test:all", and "pnpm lint" (or explicitly note
both npm/pnpm are supported), ensuring the displayed bash snippet and any
related README examples use pnpm to match the declared package manager.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 20db42af-8ffa-4d41-bb7d-2ede4ea4fdc2

📥 Commits

Reviewing files that changed from the base of the PR and between 2a7f689 and 0f58a66.

📒 Files selected for processing (1)

• AGENTS.md

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Unify package-manager commands with stated pnpm standard.

You declare pnpm 10+ as the package manager, but examples use npm run .... Please switch examples to pnpm (or explicitly state both are supported) to avoid agent/tooling drift. Based on learnings: Use pnpm 10+ as the package manager.

Suggested doc fix

 ```bash
 # Build all packages
-npm run build
+pnpm build

 # Run tests
-npm run test:all
+pnpm test:all

 # Lint
-npm run lint
+pnpm lint

</details>

<details>
<summary>🤖 Prompt for AI Agents</summary>

Verify each finding against the current code and only fix it if needed.

In @AGENTS.md around lines 16 - 24, The docs show npm commands but the repo
standard is pnpm 10+; update the example commands in AGENTS.md by replacing the
three occurrences of "npm run build", "npm run test:all", and "npm run lint"
with the pnpm equivalents "pnpm build", "pnpm test:all", and "pnpm lint" (or
explicitly note both npm/pnpm are supported), ensuring the displayed bash
snippet and any related README examples use pnpm to match the declared package
manager.

</details>

<!-- fingerprinting:phantom:triton:hawk:2503cc1a-0ea4-49ce-80f9-d81b68fdea22 -->

<!-- This is an auto-generated comment by CodeRabbit -->