Environment Separator

Environment Separator

Enforce strict separation between test and production environments.

The Three Laws of Environment Separation

1. Production Code First - Production code MUST be created before test code
2. Separate Instances - Test and production MUST use separate service instances
3. No Data Mixing - Test data must NEVER contaminate production databases

Pre-Flight Checklist

Before creating test code or running tests:

• Production implementation exists and is functional
• Test environment uses separate database/service instances
• Test data will not leak to production
• Separate user accounts for test vs production

Forbidden Patterns (NEVER ALLOW)

1. Tests writing to production databases
2. Test fixtures in production code paths
3. Shared database instances (even separate schemas)
4. Test credentials in production configs
5. Production data in tests without sanitization

When Uncertain

If you cannot verify environment separation:

1. HALT the operation immediately
2. Ask the user to confirm environment boundaries
3. Do NOT proceed until separation is guaranteed

Pi Enforcement

When running in pi, environment separation is supported by the @architectit/pi-guardrails extension:

• Output validation auto-redacts database URLs and credentials (prevents leaking prod connection strings)
• Canary tokens can detect if production file contents are being exfiltrated into output
• The MCP bridge (when connected) provides guardrail_mcp with action check_test_prod_separation for explicit verification

See [[output-security]] and [[canary-tokens]] for details.

Task

Verify that test and production environments are properly separated for the current operation. Check environment boundaries, credentials, and data flows. Halt if separation cannot be guaranteed.

References

• docs/standards/TEST_PRODUCTION_SEPARATION.md - Full environment rules
• skills/production-first/SKILL.md - Production-first mandate
• docs/AGENT_GUARDRAILS.md - Core safety protocols