kaiiiichen · kaiiiichen · Apr 19, 2026 · Apr 19, 2026
diff --git a/.cursor/rules/git-workflow.mdc b/.cursor/rules/git-workflow.mdc
@@ -5,8 +5,10 @@ alwaysApply: true
 
 # Git workflow — branch + PR only
 
-`main` is protected. **Never `git push` directly to `main`**, even if you have
-bypass permissions. Every change must go through a pull request.
+The owner uses **SSH** remotes (`git@github.com:...`) and **`main`** as the only
+integration branch. **`main` is protected.** Never `git push` directly to
+`main`, even if you have bypass permissions. Every change must go through a
+pull request and merge on GitHub.
 
 See `AGENTS.md` for the full canonical version. Short form:
 

diff --git a/AGENTS.md b/AGENTS.md
@@ -6,6 +6,14 @@ Instructions for **AI coding agents** (Cursor, Claude Code, Codex, Copilot, etc.
 
 ---
 
+## Owner defaults (read first)
+
+- **Remote:** Use **SSH** — `git@github.com:kaiiiichen/kaichen.dev.git`. If `origin` is HTTPS and push fails with “could not read Username”, set: `git remote set-url origin git@github.com:kaiiiichen/kaichen.dev.git`.
+- **Default branch:** Always **`main`** (not `master`).
+- **Merge policy:** **Open a PR and merge through GitHub** every time — no direct pushes to `main`, even when the agent could technically push.
+
+---
+
 ## Git workflow — always branch + PR
 
 **Never push directly to `main`.** Treat `main` as protected: every change goes through a **pull request** with CI green. Even with bypass permissions, use the PR flow unless the repository owner explicitly overrides with a written reason.