AI

The Two Configuration Layers Every AI Developer Needs

Global rules that follow you everywhere. Project rules that stay with the code. Getting these two layers right is the single highest-leverage thing you can do before your first agentic session.

The Two Configuration Layers Every AI Developer Needs
Podcast46:14
Read transcript
# Transcript — ai-coding-setup ep 01 _Auto-generated with mlx-whisper (mlx-community/whisper-base.en-mlx). Lightly readable; not edited._ Picture this, you spend like an entire week meticulously configuring an AI coding agent on project A right getting the stack perfectly tuned exactly you feed it your stack overview your team conventions your strict Non-negotiable rule against barrel imports. It learns your design system. It learns your testing curx. You're in the zone Yeah, by Friday it feels like absolute magic the agent is producing consistent on pattern code And you're finally feeling that promised elusive velocity of AI assistance But then you know week two hits you clone project B. Yeah, you clone project B It's a different client different repository a completely different stack. Yeah, you boot up your agent ready to dive in and conquer the world and Suddenly it doesn't even know your name. Oh miss the worst. It doesn't know your preferred package manager It is completely forgotten your personal vendetta against barrel imports and just immediately generates an index file full of them Right, right you're completely back to square one spending your entire morning just correcting the absolute most basic Fundamental mistakes. It is the definition of jarring. I mean you go from feeling like you have this brilliant mind-reading Para programming partner to feeling like you are micromanaging a junior intern on their very first day out of boot camp It's exhausting it really is and that disorientation that exact highly specific point is the mechanical failure we are dismantling today welcome to the deep dive if you're listening to this you're almost certainly a Working software developer or maybe an architect or engineering manager who has hit this exact wall You understand the potential of these agent tools But the friction of starting over I mean the sheer repetitive overhead is just killing your momentum totally killing it So today our mission is to solve this context amnesia problem permanently We are breaking down the dual layer configuration architecture that frankly every single developer using AI coding tools needs to master And we've got a lot of ground to cover to do that. We really do yeah, we're pulling from a massive stack of sources today We've got the official architectural documentation for Claude code. We're looking at deep dive technical white papers from the teams behind cursor andator Great teams by the way. Oh absolutely. Plus. We've scraped dozens of highly active GitHub issue threads where developers are just pulling their hair out over context drift and we're bringing in some really fascinating engineering blog posts that Analyze the actual mathematics of how large language models allocate attention to system prompts, which is the crucial underlying piece here I mean we aren't just talking about where to put text files We're talking about engineering the attention mechanism of the AI itself, right? And I actually want to clarify something right off the bat while the specific files and syntaxes will be discussing today largely use the Claude Dot MD convention, which is you know the standard for anthropics tools This structural pattern holds completely true across the entire ecosystem. So it doesn't matter what you're using Exactly whether you are daily driving cursor windsurf, Ador or custom wrappers around the open AI API The underlying architecture of how agents load context how they prioritize rules and resolve conflicts It is exactly the same the philosophy is universal I love that we're digging into this because when I was reading through the documentation and the forum discussions for this deep dive It instantly reminded me of the old days of managing dot files. Oh, yeah, the right of passage Yeah, yeah, if you think about your Vim rock or your bash profile or your ship You would never in a million years manually rewrite your terminal aliases your path variables or your syntax highlighting preferences every single time Ussh into a new server or joined a new team. No, of course not you had a file right? You had a file it lived in a repo somewhere traveled with you you curled it down and it set up your environment instantly So looking at these brilliant cutting edge AI tools Why on earth are we tolerating this blank slate amnesia? Why did we revert to the Stone Age of manual configuration? It's a really fascinating regression and I think it stems from a fundamental misunderstanding of the paradigm shift We're actually in as developers were historically obsessed with dr. Y principles, right? Don't repeat yourself Sure. It's drilled into us from day one right but because AI is this shiny Non-deterministic new paradigm we've kind of temporarily forgotten our own best practices We treat the agent like a human who should just magically remember things rather than treating it like what it actually is Which is a stateless API right? It has no memory of yesterday exactly under the hood these agents do not have persistent memory between Sessions unless you explicitly engineer a mechanism to inject that state into their context window every single time they boot up The problem you described in the cold open configuring project a moving to project B and losing everything is a direct result of relying on organic memory rather than structural state injection Let's unpack that structural state injection then to stop configuring the same preferences over and over We first need to understand the physical mechanics of where these AI tools are actually looking for their instructions and in what order exactly We basically had one monolithic layer when we desperately needed to Break down this overarching dual layer architecture for us So it boils down to two distinct isolated buckets of context. The first is the global layer Physically, this is located in the home directory of your local machine For example your dot cloud folder or your global cursor settings folder to sit right there in the user directory Yep And the defining characteristic of this layer is that it is always loaded into the agent system prompt It is never shared with your teammates and it follows you across every single repository you open on that specific workstation So it's the developer's personal luggage It literally is the dot file. It is exactly that. It's your localized state Then the second bucket is the project layer This is located in the root directory of your specific repository You'll usually see this as a dot cloud directory sitting right next to your node modules or your get folder Or simply as a markdown file right there in the root Okay, so that one is tied to the code Right This layer is loaded only when the agent is operating within that specific directory tree And crucially unlike your personal luggage this file is committed to version control Meaning it gets pushed up to github or get lab exactly Which means it is shared with your entire team. It is the enforced reality of the shared code base Okay, so we have the global bucket and the home directory and the project bucket and the repo root But introducing two separate sources of truth Immediately introduces an architectural problem that every developer is intimately familiar with conflict resolution conflict resolution exactly What happens when the buckets disagree? Walk us through the hierarchy of execution when I boot up my agent in my terminal or my IDE What is the exact sequence of events and how does the agent decide who wins an argument? Well, the loading order is completely deterministic It actually mimics the concept of variable scope in programming or a css specificity. Oh, that makes sense. Yeah When the agent process spins up it executes a file system walk It first looks at your home environment variable Finds the global configuration and loads that into the very beginning of the system prompt that establishes the baseline state Okay baseline establishment then it checks the present working directory and it walks up the tree looking for the project level configuration It takes that project data and appends it to the system prompt strictly after the global rules after Okay And the golden rule of this hierarchy which governs absolutely everything the agent does is that later layers always override earlier ones Local scope overrides global scope so mechanically because the project rules are appended lower down in the context window The attention mechanism of the llm just naturally weights them heavier for conflict resolution. That's the mechanical reality. Yes Let's look at a concrete example that came up repeatedly in the github issues. We analyze. Let's talk about package manager Oh, that's always a battleground always. So say you're a global configuration your personal developer identity Dictates a strict preference for the pnpm package manager You've set that in your home directory because you love the simlinx node modules and the speed Yeah pnpm's great It is but tomorrow you clone a legacy client project and the project level configuration explicitly states that the team uses standard npm For that specific coding session the project level rule absolutely wins So if I ask the agent to install a new dependency it will execute standard mpm install Just completely ignoring my global preference completely ignoring it the project wins wait Let me push back on that hierarchy for a second If the project layer always overrides the global layer, aren't we risking a situation where an overly strict tyrannical project file Completely nullifies the developers carefully crafted personal workflow I mean like let's say I spent hours setting up my global environment to help an extreme verbosity use a light mode UI and utilize a very specific set of bash aliases can some team leads 500 line repo config Just pave right over my personal setup and force me to work exactly like them That is a very real concern and honestly it exposes a fundamental Anti-pattern in how teams are currently adopting these tools The override mechanic is precisely why we must strictly enforce the separation of concerns Between what goes into the global layer and what goes into the project layer So they shouldn't be overlapping in the first place exactly if a team file is overriding your personal workflow It means someone fundamentally misunderstood the assignment They put something in the project layer that simply does not belong there What belongs there then the project layer should only override the global layer on matters of absolute build breaking team consensus Like the package manager the core framework version or the linting rules It should never be dictating your personal conversational preferences with the AI or your local UI settings or your personal alias shortcuts That makes a lot of sense the project wins But the project should only be fighting battles that actually matter To the compilation and the get history of the shared codebase If it doesn't affect the final pull request, the project file shouldn't even care That's the exact boundary line. The global layer sets your default operational state The project layer applies the necessary local mutations to ensure you don't break the build Which brings us perfectly to the anatomy of the global layer itself Or as the engineering blogs in our source material refer to it the developers fingerprint I love that framing. It's so good, right? Since this layer is loaded first and forms the absolute baseline of the AI's understanding of who you are and how you operate We need to unpack exactly what should and just as importantly what shouldn't Go into your home director's configuration. Let's start with a primary markdown file Right think about this file as your personal developer constitution These are truths that persist regardless of whether you're working on a massive highly regulated enterprise react application Or just a tiny weekend python script scraping a website So what is the absolute first block of text that goes into this file? Identity your real name your professional email address and your github or get lab handle You know, I have to admit when I first read that in the docs it sounded incredibly basic Almost too simple to bother burning tokens on. I mean why does an llm need to know my email address? It sounds basic until you look at the architecture of agentic loops These agents aren't just fancy autocomplete engines living in your text editor anymore. They are autonomous processes Right. They're running their own loops. Yeah, they're literally spawning subshells Executing git commands writing commit messages drafting pull request descriptions generating file headers If the agent process doesn't explicitly know who you are it hits a wall when it tries to run git commit Oh, I see so it doesn't know who to attribute the work to exactly it either ends up using generic placeholders falling back to a global git config that might be incorrect for that specific terminal instance or worse The llm just hallucinates an identity based on its training data Right. You look at the commit history and see authored by AI coding assistant or some random name it pulled from a tutorial data set That is not what you want showing up in a soc2 compliant enterprise git log Absolutely not by hard coding your identity parameters in your global layer You ensure that when the agent constructs the author string under the hood It seamlessly uses the correct attribution every single time it completely eliminates a whole category of manual corrections Okay, so identity is block one what comes next in the global file tool defaults an environmental reality The agent needs to know the bedrock of your operating system. What is your shell of choice? Are you using standard bash sush fish or are you on windows using power shell? What is your global default test runner? So if you don't explicitly define this what happens the agent is forced to use its heuristic engine to guess And guessing is expensive guessing is incredibly expensive both in compute and in wall clock time Let's look at the mechanics of how an agent figures out a code base without instructions It runs list commands. It reads the package JSON. It looks for lock files But agents are notorious for getting confused during this heuristic phase. I've seen that happen They just spin their wheels right it might see an old lock file left over from a previous branch Ignore the correct one and try to run a yarn install and a repository where the team Explicitly migrated away from yarn six months ago. Oh, yes And then it breaks the whole node modules tree exactly by stating your defaults globally You are giving the agent a fast path You bypass the expensive error prone heuristic search and tell it hey unless told otherwise assume zish assume pnpm assume Vite that makes perfect sense. We are optimizing the agents initialization sequence. So we've got identity We've got the os and tool defaults. Where does personal style fit in because reading through the forums? This is where developers get incredibly opinionated and protective your global file is the exclusive home for personal style and conversational conventions And this is actually a critical point about token economics and time to first token. Okay. Tell me more about that Well, how verbose do you want the agents explanations to be? Some developers love a detailed step-by-step pedagogical breakdown of every single line of code the agent generates They really want the theory right they want to learn from the AI But others especially senior engineers just want the raw code snippet with zero conversational filler The classic stop apologizing stop saying certainly and just give me the refactored function rule Yes, and that's not just about annoyance. It's literally about latency LLM's stream tokens one by one every time the agent generates the phrase i'd be happy to help you with that You are awaiting real milliseconds sometimes seconds for the inference clustered as streamtext you don't even want to read Wow, yeah By enforcing a terse output only rule in your global layer you are actually speeding up the agents response time by reducing the output token count That is a brilliant way to frame it. You are literally saving time by telling the AI to shut up Now beyond conversational style, what about actual coding style? That goes here too provided. It's a cross-project absolute things like i personally always prefer named export over default exports and javascript or never use console log for debugging always use the debug module or Always strictly type my python function returns So it's your personal golden rules right if these are rules you hold yourself to across every client and every side project They belong in your global layer. It creates a unified developer fingerprint now here is where this source architecture gets incredibly interesting to me Several of the engineering blogs mentioned a tactic of using external pointers in your global config rather than writing everything out linearly This is a highly advanced highly effective pattern that relies on the agents re capabilities retrieval augmented generation Let's go walk me through that sure If you dump every single local tool alias and custom script into your main configuration file You severely bloat the system prompt. So instead you keep the main file clean and use semantic pointers How does that actually work mechanically like what am I typing in the file? You create a separate markdown file somewhere on your machine Let's say your home directory slash cli tools dot md This file acts as a living detailed inventory of all your local custom bash scripts your AWS profiles your docker aliases Then your global configuration file simply contains one sentence just one sentence Just one it says for an inventory of my available custom command line tools Execute a read on this specific clay tools file. Oh wow So when the agent reads the system prompt, it doesn't automatically load the whole tool list It just knows the list exists correct when you ask the agent a question where it recognizes it needs a tool say You ask it to deploy a container It reads the pointer Utilizes its function calling capabilities to seamlessly execute a file read operation on that external file Pulls that specific data into its working memory and then answers you That is so smart. It's basically lazy loading your local environment variables exactly It's like giving the AI a card catalog index of your personal library rather than forcing it to read every single book at once Just in case now alongside the markdown file the global layer architecture also specifies a JSON settings file What is the distinction there? Why do we need JSON if we already have markdown? Good question The markdown file is for semantic instructions conversational style coding conventions architectural pointers The settings JSON file is for the hard infrastructural configurations of the agent software itself This is where you define the literal api parameters. Okay, like what kind of parameters the most important of which is your default model tier routing Meaning which specific underlying llm the agent is querying? Ah, right and thorapic for instance has different model tiers You have the haiku tier, which is incredibly fast and cheap but a little less reasoning capable You have sonnet which is the balanced workhorse and you have opus the heavy highly intelligent but slower model Exactly and in your global settings you configure intent based routing How does intent based routing actually play out at a daily workflow? You might configure your global settings so the agent defaults to a lightweight model for everyday exploratory work If you just say find the file where the user authentication logic lives the agent uses the fast model It zips through your directories does basic string matching and finds the file in milliseconds Right. You don't need opus for that You really don't but you can figure an override parameter so that when you ask for complex architectural reasoning like Refactor this entire authentication flow to use oaf2 and handle edge case race conditions The agent intelligently routes that specific heavy prompt to the opus tier You orchestrate those baseline intelligence defaults globally in the json file that saves a massive amount of manual toggling in the ui But the deep dive sources we pulled also heavily emphasized globally trusted tool commands inside this settings file Break that down for me. What is the agent actually doing at the system level here? Think about the friction of a highly secure sandbox system By default these agents operate on a zero trust model Every single time the agent wants to interact with your operating system. It halts execution and prompts you right? Can I read this file? Can I read this get diff? Can I list the directory contents exactly? That is incredibly secure, but it is also incredibly disruptive to your flow state Yeah, if I have to click approve 15 times just for the agent to figure out what branch i'm on I might as well just type the commands myself. It totally defeats the purpose precisely So in your global settings json you can pre-approve certain actions by intent You are essentially giving the agent a schmod equivalent for its autonomous capabilities. Okay, you're telling the system process What you're telling it? I globally trust this agent to execute any non-destructive read-only command without asking me Give me the boundaries of that. What is safe? Inspecting the get log running get status Reading any text file Executing list or tree commands to understand directory structures You encode these command patterns in the json array so that the agent can autonomously browse your machine Orient itself and figure things out without interrupting you you're giving it a long completely autonomous leech for safe operations Global yes, and finally rounding out this global layer. The architecture includes a memory directory What is happening in there? Is this like a local vector database? Yeah, it can be backed by a local vector store depending on the specific tool you're using But functionally it's a persistent storage mechanism for the agents continuous learning When you correct the agent say you tell it no on my machine the local database port is 543 not 542 The agent organically extracts that fact and writes it to the memory directory So it doesn't make the same dumb mistake tomorrow Right, but it's also a place where you the human can intervene manually if you figure out a weird Esoteric quirk about your local docker setup. You don't need to pollute your main configuration file You just drop like you just put a quick text note into the memory directory The agent parses that directory on startup and incorporates it into its baseline knowledge graph You know stepping back and looking at this entire global layer architecture the identity parameters the default OS tools the conversational style the custom CLI pointers the model routing the memory graph Configure this layer is fundamentally about creating a digital avatar of your developer brain. That's exactly what it is It's the it goes without saying context like when human engineers work together for years They build up this massive shared implicit context You know your co-worker hates it when you leave commented out code in a pr You know they prefer CLI tools over GUI tools But machines don't have intuition. They don't pick up on social cues No, no, no, no, no, they need the goes without saying explicitly written down in markdown and Jason That is a phenomenal analogy You are externalizing your implicit knowledge You are taking the silent context of your brain and making it machine readable And once you do that the agent immediately stops acting like an erratic stranger and starts acting like a true extension of your own thought process Which is the absolute dream scenario But as we know all too well software engineering is rarely a solo sport The global layer makes the AI work perfectly for you But the moment you join a shared repository the AI needs to stop working exclusively for you and start working for the team And that brings us to the second half of this architecture the project layer or the team's truth If the global layer is your personal avatar The project layer is the constitution of the code base It belongs strictly in the root of the repository. It is committed to version control It goes through code review and it dictates the non-negotiable reality of the shared project So this is the project level markdown file sitting right next to your package. Jason you're getting your your docker file What are the engineering constraints for this specific file? Because my instinct is to just dump everything into it the absolute most critical engineering constraint for the project file is brevity It must be brutally brief The consensus across all the architectural documents we analyzed is that the stack overview block should be strictly under 10 lines 10 lines Wait, let me pause you right there because that feels incredibly restrictive Think about a massive monolithic enterprise application You've got front-end frameworks back end microservices caching layers message queues five different testing libraries How do you compress that into 10 lines and why is it so important to do so? It has to be restrictive because of the mathematics of llm attention mechanisms Specifically the needle in a haystack problem Even though modern models have massive 200,000 token context windows their attention is not distributed equally Due to positional encoding llms exhibit a u-shaped attention curve meaning they pay attention to the edges, but not the middle Exactly they pay intense attention to the very beginning of the prompt and the very end of the prompt Information buried in the middle degrades significantly So if you put a 500 line stack overview at the top you push the actual actionable rules into the blurry middle section of the context window Precisely you dilute the signal-to-noise ratio You use those 10 premium lines at the very top to state the absolute bedrock parameters of the universe the agent just woke up in the essentials Right the language the core framework the exact package manager and the strict minimum version numbers like we use node version 20.4 We use react 18. We strictly use pnpm. We use vitus for unit tests You are locking in the execution environment so the agent doesn't hallucinate in compatible syntax Okay, so the stack overview is compressed to the absolute minimum What is the next section of the project file directory mapping? But and this is a massive caveat where developers constantly mess up You do not list every single directory in your project. You only map the anomalies explain the logic there Why not map the whole tree doesn't more context help because the agent already knows industry standards It was trained on billions of lines of open source code If you have a standard next a s app router setup or a standard rubion rails app slash models directory The agent understands that natively you don't need to waste precious tokens explaining what the components directory means Okay, that makes sense But if your team decided for some historical legacy reason to put all your database migration scripts Inside a weirdly named folder called I don't know historical schema's v2 The agent will never guess that no it would definitely try to generate migrations in a standard migrations folder exactly You use the directory mapping section strictly to explain the weird stuff map the exceptions ignore the standards That is a great rule of thumb Optimize for the anomalies Now moving past the map. What about the actual team rules? We talked about personal style globally But what belongs in the team's project file the iron cloud rules These are the five to ten architectural decisions that the team has locked in usually after painful outages or endless arguments There are no exceptions. No, it depends Like what for example if the team has decided that every single database query must go through a specific repository Abstraction pattern rather than hitting the ORM directly that goes here If all UI components must be server components by default that goes here And reading through the engineering blogs they specifically highlighted a concept that I found fascinating the power of the not to do list Yes in the context of llms the not to do list is arguably more critical than that to do list because it establishes negative constraints But you have to engineer these negative constraints carefully Llms actually struggle with the concept of not unless it is framed as a hard boundary What do you mean by that? How does an llm process a negative constraint? If you say try not to use standard css the llm treats that as a suggestion And will often still generate css if it thinks it's the easiest path You have to frame it as an absolute boundary restriction. Oh, so you have to be forceful very forceful The not to do list should be short highly opinionated and ideally Backed by actual ci cd tooling in the repo for instance never use standard css modules We exclusively use tailwind or never mock the database in integration tests always use the test container Got it. Giving an autonomous agent a rigid boundary of what not to do prevents it from going down massive time wasting hallucinated rabbit holes exactly okay, I follow the logic of brevity But this creates a math of contradiction in my mind If the main project file is supposed to be this short punchy 10 line stack overview a few directory anomalies and a handful of ironclad rules Where do all the actual detail documentation go? Right, that's the big question because every serious project i've ever worked on has pages and pages of api design philosophy state management Guidelines and deployment checklists. Where does that live? This is where the architecture introduces the high value reference table Instead of pasting your entire api design philosophy into the main agent config and destroying the attention mechanism You create a simple markdown table It is essentially a before you touch x read y semantic map I love that framing before you touch x read y. It's incredibly pragmatic It's the most effective way to manage context dynamically You create a table that tells the agent before you generate a new database migration Execute a read on the migrations documentation file before you create a new ui component Execute a read on the design system file So the agent reads the main file sees the table and knows the deeper context exists But doesn't actually load it until it's triggered by the user's prompt exactly This keeps the main configuration file incredibly small and focused Ensuring a high signal to noise ratio while seamlessly pointing the agent to the existing Detailed documentation that your engineering team is already writing and maintaining It's basically a dynamic table of contents for the ais RaaS system. Yep, that's a great way to think about it Now just like the global air the project layer also have its own JSON settings file How does the project level settings JSON differ mechanically from my personal global one the project level JSON is committed to version control Which means it applies to every single developer who clones the repository This is where the team pre-approves routine project-specific execution intents Think about the local development loop. What commands do you run 50 times a day? Running the test suite starting the local dev server running the linter checking get status exactly npm run dev pite test cargo build By pre-approving those specific execution intents in the committed JSON file You ensure that when a brand new developer joins the team Clones the repo and starts their very first AI session They don't get bombarded with 40 security permission prompts just to boot up the application right the team has already cryptographically declared These specific local scripts are safe for the agent to run autonomously in this repository Okay, but let me throw a wrench in that What if I need the agent to execute a script that requires an API key say I need the agent to run a database migration script against a remote staging server I obviously cannot commit my personal AWS secret key or my database password into the team's shared JSON file and version control Right, definitely don't do that. How does the architecture handle sensitive local environment variables? This is a critical security question and it's why the architecture includes a third highly specific file The local overrides file. It's usually named settings dot local dot JSON And the local part of the file name is the crucial distinction here critically. Yes This file must be explicitly added to your get ignore file. It must never leave your machine This is strictly for personal overrides within the context of that specific project It is where you inject your unique API keys But wait, how does the agent process use those keys securely? Is it sending my AWS keys back to anthropic or open AI servers in the system prompt? Because that sounds like a massive security risk No, no, and that is the genius of the local sandbox The local agent process running on your machine reads that local settings file And injects those keys into the hidden environment variables of the sub shell it spawns to run commands The keys stay on your local machine. They are never appended to the text of the prompt sent to the cloud inference API Oh wow, okay Yeah, it isolates the secrets from the llm while allowing the local agent process to actually use them to run your scripts That is incredibly reassuring from a security standpoint Yeah, you know listening to you lay out this entire project layer that short stack overview The anomaly mapping the negative constraint list the semantic reference tables the execution sandboxing This operates exactly like a perfectly written onboarding re-atomy for a new human hire That's exactly what it is when a senior dev joins the team You don't print out the entire code base and hand it to them You give them the stack you point them to the architecture docs and you specifically tell them what not to break It is the exact same management paradigm The only difference is that the AI agent is an amnesiac new hire who joins the team Completely fresh every single time you open your laptop The project layer is just the automated instant onboarding process. Okay. Let's look at the logical conclusion of this setup We've established that we are forcing the main project file to be short to preserve the attention mechanism We're using reference tables, but modern code bases are massive They have incredibly complex nuanced edge case guidelines if we can't put those rules in the main file How do we handle them? This brings us to the concept of layered rules architecture or as the white papers call it avoiding the context vacuum Right. We have the global layer setting your baseline the project layer setting the team constraints And now we introduce the deeper topic specific files To understand why this third layer is mechanically necessary We really have to look at why long monolithic rule files fail so spectacularly in production They really do fail spectacularly Let's talk about the monolith problem because My instinct and I think the instinct of almost every developer I know is to assume that more context is always better Right fill up the context window exactly If the llm has a 200,000 token window, I want to fill it I want to dump the database schema the api docs the styling guide and the deployment manual all into one giant file So the AI knows everything Why is that a disaster? It seems logically sound but mathematically as we discussed with the attention curve it degrades performance But it's not just about forgetting things in the middle. It's about semantic contradiction Semantic contradiction Yeah, when you have a single monolithic file with hundreds of complex rules Those rules inevitably begin to contradict each other in subtle ways You mean an example of how that happens in a real code base? Imagine a massive rule file up around line 50. You have a general team rule that says Always use pure functional react components pretty standard very standard But way down at line 800 buried in a section about integrating with the legacy charting library There's a highly specific rule that says Use a class component to manage the life cycle methods of the canvas Oh, I see where this is going Right when you ask the agent to build a new chart the attention heads of the llm pull in both rules The model doesn't inherently understand that line 800 is an exception to line 50 It just sees a direct logical contradiction It gets confused the probabilities flatten out and it either hallucinates a weird hybrid component or just picks one rule at random It's like trying to solve a complex math problem while someone is shouting the entire history of mathematics in your ear The signal to noise ratio is completely destroyed So how does the rules directory architecture solve this contradiction problem? It uses an elegant separation of concerns inside your projects configuration directory You create a subdirectory called rules Inside there you create individual highly focused markdown files where each file handles one specific engineering concern in depth So instead of one giant manual you have specialized pamphlets Exactly you might have a file called get workflow.md Inside that specific file you put all the granular details about your team's complex branching strategy How to format squash commits and how to tag release versions You might have another file called testing conventions.md That explains exactly how to set up the mock database layer for integration tests Okay, but mechanically how does the AI know to look there if we aren't loading it into the context window by default through the semantic router pattern Remember that main ultra short configuration file in the project route. Yeah, the 110 lines, right? It acts as the traffic cop It references these deep rules with a simple one-liner it says forget branching conventions Execute a tool read on the get workflow rules file So the agent reads the main file sees the pointer But does not actually pull the text of the rules into its context window until the user's prompt makes it relevant Exactly. It is a lazy loading strategy for context state. It relies on the agent's intent parsing So it's looking at what i'm asking for first. Yes, if you ask the agent Write a unit test for the login function the agent parses the intent which is test and checks the main router file Sees the pointer for testing rules dynamically pulls in only the testing conventions file And then writes the code if you are just asking it to format a css file It leaves the testing rules completely alone. I have to say making a purely architectural connection here This is the exact same principle as refactoring a massive monolithic software application into smaller Focused microservices or modular components really is when a single python class gets to be 3000 lines long We broke it down. We don't just do that to make it pretty for humans to read We do it to enforce a stripped separation of concerns and prevent unintended side effects We are literally applying traditional software engineering architecture to the ais instruction manual That is the perfect mental model. We are engineering the context by using this dynamic lazy loading strategy We ensure the main configuration file stays under 200 lines Which means it's incredibly fast to process it's cheap on api costs and the attention mechanism stays razor sharp And it still has access to the details right simultaneously. We keep the incredibly complex nuanced edge case rules fully reachable The exact millisecond they are needed. It's a brilliant architecture. It is so clean and logical Which of course means that developers in the real world are going to find a way to completely mess it up Oh inevitably let's move into the common failure modes Based on the github issues and forum complaints we scraped There are four major ways developers accidentally sabotaged this exact setup Walk me through the mechanics of the first major trap. The first major pitfall is polluting the global layer This happens when a developer takes highly specific team context Let's say the custom AWS deployment scripts for a specific client project and drops it into their personal global configuration Why does that cost such a disaster for two highly destructive reasons First you are creating an asynchronous reality for your team an asynchronous reality Yeah, the rest of the engineering team is relying on the project repository to be the single source of truth But your AI agent is behaving based on secret invisible instructions hidden deep on your personal hard drive It creates massive inconsistencies in code generation that your team cannot reproduce or debug It's the AI equivalent of the infamous it works on my machine syndrome Oh, man, that's terrible. The agent is relying on local state that is inversion controlled. What's the second reason? Volatility if you get a new laptop or if you wipe your hard drive you instantly lose all that client context The boundary is simple. The global layers should only contain facts about you the developer It should never contain facts about the client or the code base keep the client at your house understood Now what about the exact inverse of that trap? That would be polluting the project layer This is when a developer commits their personal idiosyncratic coding preferences directly to the team repositories configuration file Oh, this one is spicy. This is the AI equivalent of committing your personal vs code workspace settings Complete with your preferred three space tab width directly to the main branch It is exactly that and it generates an incredible amount of team friction Imagine you put a rule in the shared committed file that says Always explain code with extreme verbosity and always use the phrase Let's dive in before every snippet. That sounds like a nightmare It is suddenly every single developer who clones the repo inherits your personal quirk The AI starts talking to the senior staff engineer like a kindergarten teacher You have just automated team annoyance. Yeah, keep the team file strictly confined to architectural decisions The team has actually agreed upon the third pitfall we've touched on but it is worth looking at the mechanical failure one more time The context vacuum or the monolith Right. This is the developer who understands they need a project file but completely ignores the lazy loaded rules architecture They create one flat 2,000 line configuration file that crams the database architecture the front end testing paradigms the get workflows and the UI design systems All into one massive text block and as we establish that mathematically destroys the llm's attention mechanism It saturates the context window It causes semantic contradictions and ironically by trying to force feed the AI all the context at once You create a vacuum where the AI cannot discern what is actually important for the specific task at hand It dilutes the instructions to the point of uselessness. Okay, the fourth pitfall The source architecture documents call this the blank slate and they note that statistically This is actually the most common mistake of all across the developer ecosystem The blank slate is simply the act of having absolutely no global layer configured at all You rely 100 on whatever happens to be in the project repository If there is no configuration file in the repo you clone you start completely from zero Let me play devil's advocate here. I can see the argument that the blank slate is actually the safest most professional approach By having no global layer. I guarantee that I am a completely empty vessel Molding perfectly to whatever repository I clone. I am not bringing any personal baggage. No custom aliases. No weird default assumptions I just adapted the codebase. Isn't it safer to just start fresh every single time? It sounds incredibly humble and adaptable in theory, but mechanically it is a massive waste of expensive compute and human cognitive load How so let's look at the actual workflow of a blank slate If you don't define your identity your OS shell and your package manager globally The agent process has to use this heuristic engine and has to walk the directory Pars lock files guess your shell environment and prompt you for permission to do all of it Right you are going to spend the first 20 minutes and dozens of api calls just correcting the agent No, my author name isn't developer. No, don't use yarn. I don't care if this lock file use pmpm. No, I use ush not bash You're literally spending your morning Manually supervising the automation of basic boilerplate precisely the entire point of agentic workflows is to reach velocity faster The global layer exists to automate the foundational baseline So that the agent arrives at the actual problem the code logic at zero turn Instead of taking five conversational turns just to figure out how to install a dependency The blank slate isn't pure. It's just exhausting. Okay. You've completely convinced me The heuristic engine is too slow and air prone to rely on for basics You shouldn't have to reintroduce yourself to your own tools every monday morning. You absolutely shouldn't Well looking back. We have covered a massive amount of technical ground today We've gone from the initial disorientation of context amnesia Through the file system mechanics of the global and project layers into the attention saving elegance of lazy loaded arg rules And through the structural traps that can derail the whole architecture It's a lot to take in but it's foundational. It really is Which brings us to our outro We always want to leave you with something highly actionable We've covered the underlying theory. Let's close with the single concrete action You can take right now to stop repeating yourself The technical documentation lays this out as a straightforward 15 minute return on investment If you are listening to this and you have never set up a global layer Do it tomorrow morning or better yet. Do it the second you sit back down at your workstation Just open up your terminal make the claw directory and touch a markdown file. Yes Write a simple 20 line global configuration file in your home directory Define exactly who you are for the get logs define your preferred os tooling and package managers Define your absolute baseline conversational style. It does not need to be a masterpiece of engineering It just needs to accurately reflect your baseline reality and the payoff is immediate Once you lock this in your agent will bypass the heuristic guessing game It will know exactly how you like to work from the very first millisecond of the session on every new project you ever touch You get your magic pair programmer back instantly without the amnesia It is without a doubt the highest impact to effort configuration you can make in the current era of AI coding Now before we wrap up the deep dive i want to leave you with a final Provocative thought something to mull over as you build out these jason and markdown files We've spent this entire time analyzing how these configuration layers solve immediate mechanical workflow problems But think about the long-term implications of what we're actually doing here the broader impact Yeah As these AI configuration layers become more robust as we define our rules our tool use pointers our intent based routing Our global configuration files are essentially capturing our distinct developer fingerprints It's true. You are creating a highly formalized Cryptographically verifiable machine readable definition of your professional engineering identity exactly and if an autonomous AI agent can read your global file And immediately replicate your exact coding style your tool preferences your architectural boundaries and your specific problem solving quarks Yeah How long until we start attaching these global AI configuration files to our resumes? Oh wow, that's a thought right Will an engineering manager one day ask to pull your configuration file to prove that your technical identity and your automated workflows Actually align with their engineering culture We're rapidly moving from a world where we tell people how we code in an interview to a world where we simply hand them a file that actually Executes how we code and that is a wild fundamental paradigm shift It changes the entire definition of documenting your skills. You are no longer listing your abilities You are providing the API to your engineering mindset. So write that global file Engineer your context protect your developer fingerprint and next time you switch from project A to project B Enjoy the fact that your agent actually remembers your name

Series note: This series is a prerequisite for Agent-Ready React and The Parallel Developer series. If you’re starting from scratch, you’re in the right place.

You spend a week configuring Claude Code on project A. Stack overview, conventions, the “never do X” list, pointers to your design system. The agent starts producing consistent, on-pattern code. You feel the difference.

Week two. You clone project B — a different client, a different stack. First session. The agent doesn’t know your name, doesn’t know your preferred package manager, doesn’t know that you’ve agreed with yourself to never use barrel imports. You’re back to correcting the basics. That disorientation is fixable, and the fix costs less than an hour.

The problem is almost always the same: everything you configured lived in .claude/CLAUDE.md inside project A’s repo. When you moved to project B, none of it came with you. You had one layer when you needed two.


The two layers

AI coding tools — Claude Code specifically, but the pattern holds across Cursor, Windsurf, and Aider — read configuration from two places:

  1. A global layer at ~/.claude/ on your machine. Always loaded. Never shared with teammates. Follows you across every project.
  2. A project layer at .claude/ (or CLAUDE.md) in your repository root. Loaded only for that project. Committed to git and shared with your team.

That’s the whole architecture. Everything else is a detail about what goes where.


The full map

LayerLocationCommitted to git?Scope
Global rules~/.claude/CLAUDE.mdNoEvery project on this machine
Global settings~/.claude/settings.jsonNoPermissions, theme, model defaults
Global memory~/.claude/memory/NoPersistent facts across sessions
Project rules.claude/CLAUDE.md or CLAUDE.mdYesThis repo only
Project settings.claude/settings.jsonYesTeam-shared permissions
Local overrides.claude/settings.local.jsonNo (gitignored)Personal overrides, secret keys
Project rules (layered).claude/rules/*.mdYesLayered, topic-specific

The loading order is: global → project → rules/*.md. Later layers override earlier ones. If your global CLAUDE.md says “prefer pnpm” and the project CLAUDE.md says “use npm”, the project wins for that session.


What belongs in the global layer

The global layer is for you as a developer — things that are true regardless of what you’re working on.

~/.claude/CLAUDE.md should contain:

  • Your identity. Name, email, GitHub handle. Agents use this for commit messages, PR descriptions, file headers.
  • Your tool defaults. Preferred package manager, preferred test runner, shell preferences.
  • Personal style rules. How you like commit messages structured. How much verbosity you want in explanations.
  • Cross-project conventions you’ve committed to personally. “I always use named exports.” “I don’t use console.log in application code.”
  • Pointers to your personal reference docs, if any. I keep a ~/cli-tools.md that tracks my tool inventory — the global CLAUDE.md points there.

~/.claude/settings.json should contain:

  • The model tier you default to globally. You might use claude-sonnet-4-5 for exploratory work and override to Opus only for specific tasks.
  • Tools you trust globally — Read(*) for file reading, Bash(git log *) for git inspection. These are the reads and low-risk commands you don’t want to approve every session.
  • Your preferred theme and keybindings.

~/.claude/memory/ is where Claude Code persists facts it learns about you across sessions. You can also write files here directly — brief notes you want the agent to remember.


What belongs in the project layer

The project layer is for the codebase and the team — things that are true for this repository, for everyone working in it.

.claude/CLAUDE.md or CLAUDE.md at the repo root should contain:

  • Stack overview. Languages, frameworks, package manager, minimum Node/Python/Ruby version. Ten lines maximum.
  • Where things live. Key directories and their purpose. Not exhaustive — just the ones a new agent would get wrong.
  • The most important conventions. The five to ten “always/never” decisions the team has locked in. No exceptions, no “it depends.”
  • A “before you touch X, read Y” reference table. This is the highest-value section in most rules files. Point at design.md, MIGRATIONS.md, architecture.md — the detailed documents that would bloat CLAUDE.md if included directly.
  • Things to NOT do. Short, opinionated. Enforced by tooling where possible.

.claude/settings.json (committed) should contain permissions the whole team needs. Bash(npm run *), Bash(pnpm *), Bash(git status). This is what stops your teammate from getting 40 permission prompts in their first session. More on this in Post 4 of this series.

.claude/settings.local.json (gitignored) is where personal overrides live. API keys, personal model preferences that differ from the team default, anything that shouldn’t land in the repo.


The rules/*.md layer

Long rules files fail. Context windows get saturated. Rules contradict each other at length. The fix isn’t to write better long rules — it’s to write shorter CLAUDE.md files backed by topic-specific deeper files.

The .claude/rules/ directory is for exactly this. Each file covers one concern in depth so CLAUDE.md can stay short:

.claude/rules/
├── git-workflow.md       ← branch naming, commit conventions, PR process
├── testing.md            ← test framework, coverage expectations, naming
├── architecture.md       ← module boundaries, import rules, folder structure
└── task-management.md    ← how tasks are tracked, beads workflow if used

The agent loads these files when relevant. CLAUDE.md references them with a single line: “For git conventions, see .claude/rules/git-workflow.md.” The main file stays under 200 lines. The deep rules are always reachable.

This layering is the same reason you split a large component into smaller focused ones — not for the reader’s sake alone, but because it forces clearer separation of concerns.


The common mistakes

Putting team context in ~/.claude/. Your teammates won’t have your global layer. Any project convention that lives only there is invisible to everyone else — and to you when you’re working on a machine you don’t own.

Putting personal preferences in .claude/CLAUDE.md. Everyone who clones the repo inherits them. If your personal style preference is contested in the team, it’ll create friction. Keep the team file to decisions the team has actually agreed on.

One flat CLAUDE.md for everything. Putting architecture docs, testing conventions, git workflow, and design system rules all in a single file creates a 1,000-line context vacuum. Use the rules/*.md layer.

No global layer at all. The most common mistake. Most developers configure only the project layer and start from scratch on every new repo.


Your first 15 minutes

If you’ve never set up a global CLAUDE.md, here’s what to write right now:

# Global agent context — Prakash Poudel
 
## Identity
Name: Prakash Poudel
Email: your@email.com
GitHub: your-handle
 
## Tool preferences
- Package manager: pnpm (prefer over npm/yarn)
- Shell: zsh
- Node: always use the version in .nvmrc or mise config if present
 
## Style defaults
- Commit format: conventional commits (feat:, fix:, chore:, docs:)
- Prefer named exports over default exports
- No console.log in application code
- Comments explain why, not what
 
## What to do on ambiguity
Ask once, then proceed. I prefer a decision over a question.

That’s it. Twenty lines. The agent now knows who you are and how you like to work, on every project, from the first session.

The rest — project-specific context, team permissions, topic-specific rules — goes into the project layer. Building that out well is what the rest of this series is about. See The Agentic Developer’s Field Guide for the broader picture of how these configuration layers fit into a full agentic workflow.


Coming next

Writing CLAUDE.md That Agents Actually Follow — why long rules files make agents less consistent, and the structure that actually works. We’ll walk through a before/after on a bloated rules file and show how the rules/*.md layering keeps things sane.

About the author

Prakash Poudel Sharma

Engineering Manager · Product Owner · Varicon

Engineering Manager at Varicon, leading the Onboarding squad as Product Owner. Eleven years of building software — first as a programmer, then as a founder, now sharpening the product craft from the inside of a focused team.

Configure Your AI Coding Environment

5 parts in this series.

A five-part guide to setting up your .claude folder, CLAUDE.md, hooks, permissions, and cross-tool configuration — the prerequisite for every other agentic workflow.

  1. 01The Two Configuration Layers Every AI Developer Needs← you are here
  2. 02Writing CLAUDE.md That Agents Actually Followup next
  3. 03Hooks That Pay for Themselves
  4. 04Project Settings, Permissions, and Team Sharing
  5. 05Not on Claude? The Cross-Tool Configuration Guide
Join the conversation0 comments

What did you take away?

Thoughts, pushback, or a story of your own? Drop a reply below — I read every one.

Comments are powered by Disqus. By posting you agree to theirterms.

0:000:00