| # Agent Instructions and Project Constraints |
| |
| This file documents key constraints and concepts for the `autorepro` repository to guide future agent interactions. |
| |
| ## Templates are Strictly Standalone |
| |
| Each project within the `example/` and `templates/` directories is designed to be completely standalone. A user can copy any of these individual directories (e.g., `templates/app-with-activity`) to a new location on their filesystem and expect it to work without any external dependencies from the parent `autorepro` repository. |
| |
| **Implication:** All documentation, scripts, and code within a template directory **must not** use relative paths that point outside of that directory (e.g., `../templates` or `../../README.md`). All links and references must be self-contained. |
| |
| ## `sync-common.sh` and Synced File Constraints |
| |
| The `sync-common.sh` script is the source of truth for common configuration files that must be kept identical across the `example` project and all `templates`. |
| |
| **Implication:** Any file listed in this script is considered generic and must not contain content specific to a single template. The content must be universally applicable to all projects. For example, the `AGENTS.md` file is synced by this script, and therefore must contain general instructions rather than template-specific guidance. |
| |
| ## Vulnerability Scope |
| |
| **AutoRepro submissions are for vulnerabilities in the Android Platform or SoC components only.** |
| |
| The PoC applications you build with these templates are tools to *trigger* and *demonstrate* a platform vulnerability. The app itself should not be the vulnerable component. Your test should prove that your PoC app can bypass a security boundary enforced by the Android OS or hardware. |
