An AI agent merged a PR to main without review and triggered a deploy. Why global rules fail, and what actually works.