Added codex-generated AGENTS.md

[metachris]

No description provided.

[Copilot]

Pull Request Overview

This PR adds a new AGENTS.md file containing comprehensive development guidelines for the repository. The document provides structured guidance on project organization, build processes, coding standards, testing practices, and security considerations.

• Establishes standardized development workflow with make targets for formatting, linting, and testing
• Documents project structure including module organization and file placement conventions
• Provides coding style guidelines and commit/PR best practices

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

Consider adding guidance on proper file permissions for basic-auth-hash.txt (e.g., 600 or 640) to prevent unauthorized access to authentication credentials.

Suggested change

	- Maintain `basic-auth-hash.txt` outside version control; rotate secrets through the `/api/v1/set-basic-auth` endpoint.
	- Maintain `basic-auth-hash.txt` outside version control; set file permissions to `600` or `640` to prevent unauthorized access; rotate secrets through the `/api/v1/set-basic-auth` endpoint.

[Copilot]

This guideline should specify that environment variables containing secrets should be clearly documented and mention potential risks of environment variable exposure in process lists.

Suggested change

	- Secrets, ports, and paths should be injected via config or env; never hardcode sensitive values.
	- Secrets, ports, and paths should be injected via config or environment variables; never hardcode sensitive values. Environment variables containing secrets must be clearly documented, and note that such secrets may be exposed in process lists or logs—consider using configuration files or secret managers where possible.