{"id":124116,"date":"2026-06-05T08:35:05","date_gmt":"2026-06-05T08:35:05","guid":{"rendered":"https:\/\/foojay.io\/?p=124116"},"modified":"2026-06-05T10:00:58","modified_gmt":"2026-06-05T10:00:58","slug":"context-is-code-a-tour-of-apm-and-agentrc","status":"publish","type":"post","link":"https:\/\/foojay.io\/today\/context-is-code-a-tour-of-apm-and-agentrc\/","title":{"rendered":"Context Is Code: A Tour of APM and AgentRC"},"content":{"rendered":"\n    <div class=\"article__table\">\n        <div class=\"article__table-header\">\n            <svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                <path d=\"M8 6H21\" stroke=\"#3562E5\" stroke-width=\"1.5\" stroke-linecap=\"round\" stroke-linejoin=\"round\" \/>\n                <path d=\"M8 12H21\" stroke=\"#3562E5\" stroke-width=\"1.5\" stroke-linecap=\"round\" stroke-linejoin=\"round\" \/>\n                <path d=\"M8 18H21\" stroke=\"#3562E5\" stroke-width=\"1.5\" stroke-linecap=\"round\" stroke-linejoin=\"round\" \/>\n                <path d=\"M3 6H3.01\" stroke=\"#3562E5\" stroke-width=\"1.5\" stroke-linecap=\"round\" stroke-linejoin=\"round\" \/>\n                <path d=\"M3 12H3.01\" stroke=\"#3562E5\" stroke-width=\"1.5\" stroke-linecap=\"round\" stroke-linejoin=\"round\" \/>\n                <path d=\"M3 18H3.01\" stroke=\"#3562E5\" stroke-width=\"1.5\" stroke-linecap=\"round\" stroke-linejoin=\"round\" \/>\n            <\/svg>\n            Table of Contents\n            <svg class=\"chevron\" width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                <path d=\"M18 15L12 9L6 15\" stroke=\"#3562E5\" stroke-width=\"1.5\" stroke-linecap=\"round\" stroke-linejoin=\"round\"\/>\n            <\/svg>\n        <\/div>\n        <div class=\"article__table-body\"><span><a href=\"#h2-0-1-he-problem-agent-context-drifts\">1. The problem: agent context drifts<\/a><\/span><span><a href=\"#h2-1-2-he-idea-what-if-agent-context-had-a-package-json-\">2. The idea: what if agent context had a package.json?<\/a><\/span><span><a href=\"#h2-2-3-he-3-strong-guarantees\">3. The 3 strong guarantees<\/a><\/span><ul><li><a href=\"#h3-3--ortable-by-manifest\">Portable by manifest<\/a><\/li><li><a href=\"#h3-4--ecure-by-default\">Secure by default<\/a><\/li><li><a href=\"#h3-5--overned-by-policy\">Governed by policy<\/a><\/li><\/ul><span><a href=\"#h2-6-4-hat-an-package-can-contain\">4. What an APM package can contain<\/a><\/span><span><a href=\"#h2-7-5-he-five-commands-you-ll-actually-use\">5. The five commands you'll actually use<\/a><\/span><span><a href=\"#h2-8-6-ne-manifest-every-harness\">6. One manifest, every harness<\/a><\/span><span><a href=\"#h2-9-7-lugins-and-marketplaces-bundle-a-workflow-not-a-file\">7. Plugins and marketplaces: bundle a workflow, not a file<\/a><\/span><span><a href=\"#h2-10-8-ecurity-treat-prompts-like-the-programs-they-are\">8. Security: treat prompts like the programs they are<\/a><\/span><span><a href=\"#h2-11-9-overnance-one-policy-file-tighten-only-inheritance\">9. Governance: one policy file, tighten-only inheritance<\/a><\/span><span><a href=\"#h2-12-10-gent-context-engineering-automated\">10. AgentRC: context engineering, automated<\/a><\/span><span><a href=\"#h2-13-11-ow-gent-compose\">11. How AgentRC + APM compose<\/a><\/span><span><a href=\"#h2-14-12-ow-to-start-on-onday\">12. How to start on Monday<\/a><\/span><span><a href=\"#h2-15-13-hree-things-to-take-away\">13. Three things to take away<\/a><\/span><span><a href=\"#h2-16--inks\">Links<\/a><\/span><\/div><\/div><!DOCTYPE html PUBLIC \"-\/\/W3C\/\/DTD HTML 4.0 Transitional\/\/EN\" \"http:\/\/www.w3.org\/TR\/REC-html40\/loose.dtd\">\n<?xml encoding=\"utf-8\" ?><html><body><h1 class=\"wp-block-heading\">Context Is Code: A Tour of APM and AgentRC<\/h1>\n\n\n\n<p>If you've shipped an AI agent into a real codebase in the last twelve months, you've felt this: every agent, every developer, every machine &mdash; different setup. A README that says \"install these extensions.\" A <code>copilot-instructions.md<\/code> somebody copy-pasted from another repo. MCP server configs in three different files. The same skills duplicated for Copilot, Claude, Cursor, and Codex.<br>No version pinning.<br>No integrity.<br>No reproducibility.<\/p>\n\n\n\n<p>That's the problem <a target=\"_blank\" href=\"https:\/\/github.com\/microsoft\/apm\"><strong>APM<\/strong><\/a>, the Agent Package Manager fixes. And it pairs with <a target=\"_blank\" href=\"https:\/\/github.com\/microsoft\/agentrc\"><strong>AgentRC<\/strong><\/a> to close the loop on <em>generating<\/em> and <em>evaluating<\/em> that context in the first place.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\">\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h2-0-1-he-problem-agent-context-drifts\">1. The problem: agent context drifts<\/h2>\n\n\n\n<p>Most teams' agent setup today is a tangle of hand-rolled files:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A <code>copilot-instructions.md<\/code> that nobody updates after the first sprint.<\/li>\n\n\n\n<li>The same content copied (badly) into <code>CLAUDE.md<\/code> and <code>.cursor\/rules<\/code>.<\/li>\n\n\n\n<li>MCP servers configured in <code>.vscode\/mcp.json<\/code>, in a personal config, and in a <code>Makefile<\/code> someone forgot about.<\/li>\n\n\n\n<li>Skills, prompts, and rules duplicated across every harness your team has tried.<\/li>\n<\/ul>\n\n\n\n<p>The results:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\"It works on my agent\" &#129335;<\/strong> &mdash; the AI-era version of works-on-my-machine.<\/li>\n\n\n\n<li><strong>Drift between developers<\/strong> even within the same repo.<\/li>\n\n\n\n<li><strong>Silent context rot<\/strong> as the code evolves but the instructions don't.<\/li>\n\n\n\n<li><strong>No way to ship agent context as a versioned artifact.<\/strong><\/li>\n\n\n\n<li><strong>No security boundary around prompts<\/strong> &mdash; and a prompt is a program for an LLM.<\/li>\n<\/ul>\n\n\n\n<p>If we treat prompts as text, we'll keep ignoring them in supply-chain reviews. If we treat them as code versioned, hashed, audited &mdash; we get a real perimeter around what agents do.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\">\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h2-1-2-he-idea-what-if-agent-context-had-a-package-json-\">2. The idea: what if agent context had a <code>package.json<\/code>?<\/h2>\n\n\n\n<p>One manifest. One install. Every agent, configured. That's it.<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># apm.yml &mdash; ships with your repo\nname: your-project\nversion: 1.0.0\ndependencies:\n  apm:\n    # Skills, prompts, agents, plugins &mdash; from any git repo, version-pinned\n    - anthropics\/skills\/skills\/frontend-design\n    - github\/awesome-copilot\/plugins\/context-engineering#v2.1\n    - microsoft\/apm-sample-package#v1.0.0\n  mcp:\n    # MCP servers governed by the same manifest\n    - name: io.github.github\/github-mcp-server\n      transport: http<\/pre>\n\n\n\n<p>Then:<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">$ git clone &lt;repo&gt; &amp;&amp; cd &lt;repo&gt;\n$ apm install\n&rarr; resolving 14 packages&hellip;\n&rarr; deploying primitives to .github\/, .vscode\/\n&#10003; every agent is configured<\/pre>\n\n\n\n<p>Three details worth highlighting:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Pinning<\/strong> (<code>#v2.1<\/code>, <code>#v1.0.0<\/code>) &mdash; reproducibility, the same way <code>package-lock.json<\/code><br>gives it to you.<\/li>\n\n\n\n<li><strong>MCP servers live in the same file<\/strong> &mdash; one place to declare them, one policy to<br>gate them.<\/li>\n\n\n\n<li><strong>Git is the registry<\/strong> &mdash; any git URL works. GitHub, GitLab, Azure DevOps,<br>Bitbucket, internal Gitea or Gogs. No central marketplace required (though<br>curated marketplaces do exist).<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\">\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h2-2-3-he-3-strong-guarantees\">3. The 3 strong guarantees<\/h2>\n\n\n\n<p>APM makes three headline guarantees, everything else flows from these.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h3-3--ortable-by-manifest\">Portable by manifest<\/h3>\n\n\n\n<p>One <code>apm.yml<\/code> describes every primitive &mdash; instructions, skills, prompts, agents,<br>hooks, plugins, MCP servers and <code>apm install<\/code> reproduces the same setup across<br>every harness on every machine. <code>apm.lock.yaml<\/code> pins the resolved tree the way<br><code>package-lock.json<\/code> does for npm.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h3-4--ecure-by-default\">Secure by default<\/h3>\n\n\n\n<p>Agent context is executable in effect. Every install scans for hidden Unicode<br>(bidi\/zero-width attacks are a real prompt-injection vector), pins content hashes,<br>and gates transitive MCP servers behind trust prompts.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h3-5--overned-by-policy\">Governed by policy<\/h3>\n\n\n\n<p><code>apm-policy.yml<\/code> is enforced at install time, including on transitive dependencies<br>and transitive MCP servers. Tighten-only inheritance flows enterprise &rarr; org &rarr; repo.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\">\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h2-6-4-hat-an-package-can-contain\">4. What an APM package can contain<\/h2>\n\n\n\n<p>Six primitive types. You can mix and match.<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Primitive<\/th><th>What it is<\/th><\/tr><\/thead><tbody><tr><td><strong>Instructions<\/strong><\/td><td>Repo conventions, architecture notes, do\/don't rules. Compose into <code>AGENTS.md<\/code> \/ <code>copilot-instructions.md<\/code>.<\/td><\/tr><tr><td><strong>Skills<\/strong><\/td><td>Reusable capabilities in the Agent Skills format. Drop-in from <code>anthropics\/skills<\/code> or any repo.<\/td><\/tr><tr><td><strong>Prompts<\/strong><\/td><td>Slash-command prompts that work across harnesses.<\/td><\/tr><tr><td><strong>Agents<\/strong><\/td><td>Single-purpose agent primitives, e.g. <code>api-architect.agent.md<\/code>.<\/td><\/tr><tr><td><strong>Plugins<\/strong><\/td><td>Author once, export a standard <code>plugin.json<\/code> for Copilot \/ Claude \/ Cursor.<\/td><\/tr><tr><td><strong>MCP servers<\/strong><\/td><td>Declared in the same manifest. Policy-checked before they touch disk.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p>This is the part most people underrate. APM isn't only about instructions. It's a<br>single manifest for <em>all<\/em> the moving parts an agent needs.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\">\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h2-7-5-he-five-commands-you-ll-actually-use\">5. The five commands you'll actually use<\/h2>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">apm install                  # resolve manifest, scan, deploy primitives, write lockfile\napm install &lt;pkg&gt;            # add a package to apm.yml and install it\napm compile -t copilot       # render root context files (AGENTS.md \/ copilot-instructions.md)\napm audit                    # security + policy checks; SARIF output for CI\napm pack                     # bundle your package for distribution<\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\">\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h2-8-6-ne-manifest-every-harness\">6. One manifest, every harness<\/h2>\n\n\n\n<p>The same packages render to whatever your team uses:<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">apm.yml  &rarr;  apm compile  &rarr;  GitHub Copilot &middot; Claude Code &middot; Cursor\n                            OpenCode &middot; Codex &middot; Gemini &middot; Windsurf<\/pre>\n\n\n\n<p>For Copilot specifically, <code>apm install<\/code> is <strong>zero-config<\/strong>: it writes the files that VS Code and GitHub Copilot already expect (<code>.github\/instructions\/<\/code>, <code>.github\/prompts\/<\/code>, <code>.vscode\/mcp.json<\/code>), and <code>apm compile -t copilot<\/code> adds the <code>.github\/copilot-instructions.md<\/code> rollup. APM itself dogfoods this on its own repo.<\/p>\n\n\n\n<p>For other harnesses, <code>apm compile<\/code> emits <code>AGENTS.md<\/code> in the repo root (the open <a target=\"_blank\" href=\"https:\/\/agents.md\">agents.md<\/a> standard) plus the harness-specific rules trees. So if a teammate uses Claude Code, Cursor, Codex, Gemini, OpenCode, or Windsurf, their agent is configured from the same manifest. It's your edge against agent vendor lock-in: <strong>context survives the harness.<\/strong><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\">\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h2-9-7-lugins-and-marketplaces-bundle-a-workflow-not-a-file\">7. Plugins and marketplaces: bundle a workflow, not a file<\/h2>\n\n\n\n<p>A single skill or instruction file isn't a workflow. Real capabilities, code review, release notes, incident triage, need <em>several primitives bundled together<\/em>.<\/p>\n\n\n\n<p>Take a Code Review plugin:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>An <strong>instructions<\/strong> file (the review rubric)<\/li>\n\n\n\n<li>An <strong>agent<\/strong> file (activates on <code>\/review<\/code>)<\/li>\n\n\n\n<li>Two <strong>skills<\/strong> (summarise diff, find missing tests)<\/li>\n\n\n\n<li>One <strong>MCP server<\/strong> (post PR comments)<\/li>\n<\/ul>\n\n\n\n<p>Without a plugin, every developer wires four artefacts by hand and hopes the versions match. With an APM plugin:<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">$ apm install acme\/code-review<\/pre>\n\n\n\n<p>One command drops all four primitives into the right places under <code>.github\/<\/code> and <code>.vscode\/<\/code> and pins them in <code>apm.lock.yaml<\/code>. Plugins can depend on other APM packages (transitive deps, just like npm). And <code>apm pack<\/code> exports a standard <code>plugin.json<\/code> bundle that Copilot, Claude, and Cursor can all consume.<\/p>\n\n\n\n<p>Marketplaces are the curated layer on top: install from a registry in one command, deployed across all targets, pinned in the lockfile. <code>apm pack<\/code> emits a <code>marketplace.json<\/code> alongside the bundle when declared.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\">\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h2-10-8-ecurity-treat-prompts-like-the-programs-they-are\">8. Security: treat prompts like the programs they are<\/h2>\n\n\n\n<p>The honest pitch on security is this: agent context <em>is<\/em> executable in effect, and the integrity story has to match.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Hidden Unicode scanning.<\/strong> Every install blocks bidi and zero-width characters that can hijack agent behaviour. This is a real, demonstrated prompt-injection vector.<\/li>\n\n\n\n<li><strong>Lockfile integrity.<\/strong> <code>apm.lock.yaml<\/code> records SHA-256 per file. Bundles embed it too, so installing a packaged bundle rehashes every file before writing.<\/li>\n\n\n\n<li><strong>MCP trust gating.<\/strong> Transitive MCP servers don't sneak in &mdash; you re-declare or explicitly trust them.<\/li>\n\n\n\n<li><strong><code>apm audit<\/code><\/strong> for on-demand scans, CI-friendly with SARIF output.<\/li>\n\n\n\n<li><strong>Drift detection<\/strong> so generated files can't diverge silently from the manifest.<\/li>\n\n\n\n<li><strong>CI\/CD ready<\/strong> via the official <code>microsoft\/apm-action<\/code> for GitHub Actions.<\/li>\n<\/ul>\n\n\n\n<p>One caveat until today(5 June 2026): <strong>package signing is not yet implemented<\/strong>. The integrity story today is content-hash + lockfile + source allow-listing. But this is already much better than what most teams have.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\">\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h2-11-9-overnance-one-policy-file-tighten-only-inheritance\">9. Governance: one policy file, tighten-only inheritance<\/h2>\n\n\n\n<p><code>apm-policy.yml<\/code> lets enterprises set the ceiling, orgs tighten further, and repos tighten further still. Each layer can only <em>tighten<\/em>, never <em>loosen<\/em>. The math: allow lists intersect, deny lists union, <code>max_depth<\/code> takes the minimum, and enforcement escalates <code>off &lt; warn &lt; block<\/code>.<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># apm-policy.yml\nallow:\n  sources:\n    - github.com\/microsoft\/*\n    - github.com\/anthropics\/*\n    - dev.azure.com\/contoso\/*\n  mcp:\n    - io.github.github\/github-mcp-server\n    - io.github.microsoft\/playwright-mcp\n\ndeny:\n  primitives:\n    - hooks   # no shell hooks org-wide\n\nrequire:\n  signed: true\n  lockfile: present<\/pre>\n\n\n\n<p>Drop the file at <code>\/.github\/apm-policy.yml<\/code> and every repo in the org picks it up, no per-repo wiring. The CI gate is <code>apm audit --ci --policy org<\/code>, which runs all checks and renders findings on the PR.<\/p>\n\n\n\n<p>For incident response there are two documented bypass surfaces &mdash; <code>apm install --no-policy<\/code> and <code>APM_POLICY_DISABLE=1<\/code> &mdash; and they're loudly logged. Use them sparingly.<\/p>\n\n\n\n<p>The architects' takeaway: <strong>you can roll APM out org-wide without losing control over what agents load.<\/strong><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\">\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h2-12-10-gent-context-engineering-automated\">10. AgentRC: context engineering, automated<\/h2>\n\n\n\n<p>So APM <em>distributes<\/em> agent context. But where does the content come from in the first place? That's where <a target=\"_blank\" href=\"https:\/\/github.com\/microsoft\/agentrc\">AgentRC<\/a> comes in.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><strong>Note:<\/strong> AgentRC is currently marked <strong>experimental<\/strong> in its README. Pilot it on a non-critical repo and pin a commit if you adopt it today.<\/p>\n<\/blockquote>\n\n\n\n<p>AgentRC is a CLI + VS Code extension that reads your codebase and generates the files an agent needs to be useful: instructions, MCP config, VS Code settings, and <em>evals<\/em>. The three commands map cleanly to a lifecycle:<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">$ npx github:microsoft\/agentrc readiness\nScoring 9 pillars &middot; 5-level maturity model\n\n  Build &amp; test          L4  &#9608;&#9608;&#9608;&#9608;&#9608;&#9608;&#9608;&#9608;&#9617;&#9617;\n  Linting               L2  &#9608;&#9608;&#9608;&#9608;&#9617;&#9617;&#9617;&#9617;&#9617;&#9617;\n  Architecture docs     L1  &#9608;&#9608;&#9617;&#9617;&#9617;&#9617;&#9617;&#9617;&#9617;&#9617;\n  MCP configuration     L0  &#9617;&#9617;&#9617;&#9617;&#9617;&#9617;&#9617;&#9617;&#9617;&#9617;\n\n$ npx github:microsoft\/agentrc instructions\n&rarr; reading repo, generating .github\/copilot-instructions.md\n&rarr; generating .vscode\/mcp.json\n&rarr; generating agentrc.eval.json\n&#10003; done\n\n$ npx github:microsoft\/agentrc eval\n&rarr; running 12 evals against generated instructions\n&#10003; 11 passed, 1 regressed<\/pre>\n\n\n\n<p>Three things in one: <strong>measure<\/strong> (<code>readiness<\/code>), <strong>generate<\/strong> (<code>instructions<\/code>), <strong>maintain<\/strong> (<code>eval<\/code>).<\/p>\n\n\n\n<p>The eval angle is the one most people miss. Instructions only matter if they actually improve agent responses. AgentRC measures that and can fail CI if context regresses. It's the missing feedback loop in most teams' agent setup.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\">\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h2-13-11-ow-gent-compose\">11. How AgentRC + APM compose<\/h2>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">Your repo &rarr; agentrc (measure &middot; generate &middot; eval)\n         &rarr; .instructions.md &middot; mcp.json &middot; eval.json\n         &rarr; apm.yml (pack &middot; publish)\n         &rarr; org-wide apm install<\/pre>\n\n\n\n<p>The crucial compatibility point: <strong>the <code>.instructions.md<\/code> format is shared by both tools.<\/strong> No conversion when moving content from AgentRC into an APM package.<\/p>\n\n\n\n<p>Three personas, three flows:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>In your project (solo dev).<\/strong> <code>agentrc init<\/code> generates your baseline, then <code>apm install org\/standards<\/code> pulls in shared org packages on top.<\/li>\n\n\n\n<li><strong>For your team (team lead).<\/strong> Package your best instructions and skills as an APM package; teammates get them with one <code>apm install<\/code>.<\/li>\n\n\n\n<li><strong>At scale (platform engineer).<\/strong> <code>apm audit<\/code> + <code>apm-policy.yml<\/code> enforce standards; <code>agentrc eval<\/code> in CI catches context drift.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\">\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h2-14-12-ow-to-start-on-onday\">12. How to start on Monday<\/h2>\n\n\n\n<p>Six steps. Most teams should do steps 1&ndash;3 this week, 4&ndash;6 over the next quarter.<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Try it.<\/strong> <code>curl -sSL https:\/\/aka.ms\/apm-unix | sh<\/code>, then <code>apm install microsoft\/apm-sample-package<\/code> on a throwaway repo.<\/li>\n\n\n\n<li><strong>Measure your repo.<\/strong> <code>npx github:microsoft\/agentrc readiness<\/code> gives you a maturity score and a list of missing context to add first.<\/li>\n\n\n\n<li><strong>Pin what you have.<\/strong> Move your existing <code>copilot-instructions.md<\/code> and skills into an <code>apm.yml<\/code>. Commit the lockfile.<\/li>\n\n\n\n<li><strong>Share across the team.<\/strong> Extract the org-wide bits into a shared APM package. Teammates run <code>apm install<\/code>.<\/li>\n\n\n\n<li><strong>Gate in CI.<\/strong> Add <code>apm-action<\/code> + <code>agentrc readiness --fail-level 3<\/code> to PR checks. This is the step that prevents backsliding &mdash; don't skip it.<\/li>\n\n\n\n<li><strong>Govern.<\/strong> Roll out an <code>apm-policy.yml<\/code> at the org level. Tighten as you learn.<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\">\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h2-15-13-hree-things-to-take-away\">13. Three things to take away<\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Agent context is code.<\/strong> Version it, pin it, ship it like dependencies.<\/li>\n\n\n\n<li><strong>APM gives you the manifest. AgentRC gives you the content.<\/strong> Together they close the loop.<\/li>\n\n\n\n<li><strong>Security and governance are not afterthoughts.<\/strong> Hashes, audits, policy, on every install, by default.<\/li>\n<\/ol>\n\n\n\n<p>If you remember one line, make it this one:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>Stop hand-rolling agent setup. Pin it like a dependency, scan it like a binary, govern it like infrastructure.<\/em><\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\">\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h2-16--inks\">Links<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a target=\"_blank\" href=\"https:\/\/github.com\/microsoft\/apm\">github.com\/microsoft\/apm<\/a><\/li>\n\n\n\n<li><a target=\"_blank\" href=\"https:\/\/microsoft.github.io\/apm\/\">microsoft.github.io\/apm<\/a><\/li>\n\n\n\n<li><a target=\"_blank\" href=\"https:\/\/github.com\/microsoft\/agentrc\">github.com\/microsoft\/agentrc<\/a><\/li>\n\n\n\n<li><a target=\"_blank\" href=\"https:\/\/agents.md\">agents.md<\/a><\/li>\n\n\n\n<li><a target=\"_blank\" href=\"https:\/\/modelcontextprotocol.io\">modelcontextprotocol.io<\/a><\/li>\n<\/ul>\n<\/body><\/html>\n","protected":false},"excerpt":{"rendered":"<p>Table of Contents 1. The problem: agent context drifts2. The idea: what if agent context had a package.json?3. The 3 strong guarantees Portable by manifest Secure by default Governed by policy 4. What an APM package can contain5. The five &#8230;<\/p>\n","protected":false},"author":280,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[675,2331,2325,2332],"tags":[2704,2703,2454,2520],"class_list":["post-124116","post","type-post","status-publish","format-standard","hentry","category-developer-tools","category-genai","category-library","category-llm","tag-agent-package-manager","tag-apm","tag-claude-code","tag-github-copilot"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Context Is Code: A Tour of APM and AgentRC<\/title>\n<meta name=\"description\" content=\"Why agent context needs a package manager, what APM gives you, and how AgentRC closes the loop on generation and evals.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/foojay.io\/today\/context-is-code-a-tour-of-apm-and-agentrc\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Context Is Code: A Tour of APM and AgentRC\" \/>\n<meta property=\"og:description\" content=\"Why agent context needs a package manager, what APM gives you, and how AgentRC closes the loop on generation and evals.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/foojay.io\/today\/context-is-code-a-tour-of-apm-and-agentrc\/\" \/>\n<meta property=\"og:site_name\" content=\"foojay\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-05T08:35:05+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-06-05T10:00:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/foojay.io\/wp-content\/uploads\/2020\/04\/Favicon-3-2.png\" \/>\n\t<meta property=\"og:image:width\" content=\"384\" \/>\n\t<meta property=\"og:image:height\" content=\"384\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Soham Dasgupta\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Soham Dasgupta\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/foojay.io\\\/today\\\/context-is-code-a-tour-of-apm-and-agentrc\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/foojay.io\\\/today\\\/context-is-code-a-tour-of-apm-and-agentrc\\\/\"},\"author\":{\"name\":\"Soham Dasgupta\",\"@id\":\"https:\\\/\\\/foojay.io\\\/#\\\/schema\\\/person\\\/9ef9bf07a0614e8fc80e4f8ed35d3a33\"},\"headline\":\"Context Is Code: A Tour of APM and AgentRC\",\"datePublished\":\"2026-06-05T08:35:05+00:00\",\"dateModified\":\"2026-06-05T10:00:58+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/foojay.io\\\/today\\\/context-is-code-a-tour-of-apm-and-agentrc\\\/\"},\"wordCount\":1434,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/foojay.io\\\/#organization\"},\"keywords\":[\"Agent Package Manager\",\"APM\",\"claude code\",\"GitHub Copilot\"],\"articleSection\":[\"Developer Tools\",\"GenAI\",\"Library\",\"LLM\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/foojay.io\\\/today\\\/context-is-code-a-tour-of-apm-and-agentrc\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/foojay.io\\\/today\\\/context-is-code-a-tour-of-apm-and-agentrc\\\/\",\"url\":\"https:\\\/\\\/foojay.io\\\/today\\\/context-is-code-a-tour-of-apm-and-agentrc\\\/\",\"name\":\"Context Is Code: A Tour of APM and AgentRC\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/foojay.io\\\/#website\"},\"datePublished\":\"2026-06-05T08:35:05+00:00\",\"dateModified\":\"2026-06-05T10:00:58+00:00\",\"description\":\"Why agent context needs a package manager, what APM gives you, and how AgentRC closes the loop on generation and evals.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/foojay.io\\\/today\\\/context-is-code-a-tour-of-apm-and-agentrc\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/foojay.io\\\/today\\\/context-is-code-a-tour-of-apm-and-agentrc\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/foojay.io\\\/today\\\/context-is-code-a-tour-of-apm-and-agentrc\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/foojay.io\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Context Is Code: A Tour of APM and AgentRC\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/foojay.io\\\/#website\",\"url\":\"https:\\\/\\\/foojay.io\\\/\",\"name\":\"foojay\",\"description\":\"a place for friends of OpenJDK\",\"publisher\":{\"@id\":\"https:\\\/\\\/foojay.io\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/foojay.io\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/foojay.io\\\/#organization\",\"name\":\"foojay\",\"url\":\"https:\\\/\\\/foojay.io\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/foojay.io\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/foojay.io\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/cropped-Favicon.png\",\"contentUrl\":\"https:\\\/\\\/foojay.io\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/cropped-Favicon.png\",\"width\":512,\"height\":512,\"caption\":\"foojay\"},\"image\":{\"@id\":\"https:\\\/\\\/foojay.io\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/foojay2020\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/foojay.io\\\/#\\\/schema\\\/person\\\/9ef9bf07a0614e8fc80e4f8ed35d3a33\",\"name\":\"Soham Dasgupta\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/foojay.io\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/1621934042991-96x96.jpeg\",\"url\":\"https:\\\/\\\/foojay.io\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/1621934042991-96x96.jpeg\",\"contentUrl\":\"https:\\\/\\\/foojay.io\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/1621934042991-96x96.jpeg\",\"caption\":\"Soham Dasgupta\"},\"description\":\"Technology enthusiast | Agentic AI | Architect | Programmer | Cloud Native | Blogger | Speaker\",\"sameAs\":[\"https:\\\/\\\/sohamdasgupta.com\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/dasguptasoham\\\/\",\"https:\\\/\\\/x.com\\\/iamsoham\"],\"url\":\"https:\\\/\\\/foojay.io\\\/today\\\/author\\\/soham-dasgupta\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Context Is Code: A Tour of APM and AgentRC","description":"Why agent context needs a package manager, what APM gives you, and how AgentRC closes the loop on generation and evals.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/foojay.io\/today\/context-is-code-a-tour-of-apm-and-agentrc\/","og_locale":"en_US","og_type":"article","og_title":"Context Is Code: A Tour of APM and AgentRC","og_description":"Why agent context needs a package manager, what APM gives you, and how AgentRC closes the loop on generation and evals.","og_url":"https:\/\/foojay.io\/today\/context-is-code-a-tour-of-apm-and-agentrc\/","og_site_name":"foojay","article_published_time":"2026-06-05T08:35:05+00:00","article_modified_time":"2026-06-05T10:00:58+00:00","og_image":[{"width":384,"height":384,"url":"https:\/\/foojay.io\/wp-content\/uploads\/2020\/04\/Favicon-3-2.png","type":"image\/png"}],"author":"Soham Dasgupta","twitter_misc":{"Written by":"Soham Dasgupta","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/foojay.io\/today\/context-is-code-a-tour-of-apm-and-agentrc\/#article","isPartOf":{"@id":"https:\/\/foojay.io\/today\/context-is-code-a-tour-of-apm-and-agentrc\/"},"author":{"name":"Soham Dasgupta","@id":"https:\/\/foojay.io\/#\/schema\/person\/9ef9bf07a0614e8fc80e4f8ed35d3a33"},"headline":"Context Is Code: A Tour of APM and AgentRC","datePublished":"2026-06-05T08:35:05+00:00","dateModified":"2026-06-05T10:00:58+00:00","mainEntityOfPage":{"@id":"https:\/\/foojay.io\/today\/context-is-code-a-tour-of-apm-and-agentrc\/"},"wordCount":1434,"commentCount":0,"publisher":{"@id":"https:\/\/foojay.io\/#organization"},"keywords":["Agent Package Manager","APM","claude code","GitHub Copilot"],"articleSection":["Developer Tools","GenAI","Library","LLM"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/foojay.io\/today\/context-is-code-a-tour-of-apm-and-agentrc\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/foojay.io\/today\/context-is-code-a-tour-of-apm-and-agentrc\/","url":"https:\/\/foojay.io\/today\/context-is-code-a-tour-of-apm-and-agentrc\/","name":"Context Is Code: A Tour of APM and AgentRC","isPartOf":{"@id":"https:\/\/foojay.io\/#website"},"datePublished":"2026-06-05T08:35:05+00:00","dateModified":"2026-06-05T10:00:58+00:00","description":"Why agent context needs a package manager, what APM gives you, and how AgentRC closes the loop on generation and evals.","breadcrumb":{"@id":"https:\/\/foojay.io\/today\/context-is-code-a-tour-of-apm-and-agentrc\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/foojay.io\/today\/context-is-code-a-tour-of-apm-and-agentrc\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/foojay.io\/today\/context-is-code-a-tour-of-apm-and-agentrc\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/foojay.io\/"},{"@type":"ListItem","position":2,"name":"Context Is Code: A Tour of APM and AgentRC"}]},{"@type":"WebSite","@id":"https:\/\/foojay.io\/#website","url":"https:\/\/foojay.io\/","name":"foojay","description":"a place for friends of OpenJDK","publisher":{"@id":"https:\/\/foojay.io\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/foojay.io\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/foojay.io\/#organization","name":"foojay","url":"https:\/\/foojay.io\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/foojay.io\/#\/schema\/logo\/image\/","url":"https:\/\/foojay.io\/wp-content\/uploads\/2020\/04\/cropped-Favicon.png","contentUrl":"https:\/\/foojay.io\/wp-content\/uploads\/2020\/04\/cropped-Favicon.png","width":512,"height":512,"caption":"foojay"},"image":{"@id":"https:\/\/foojay.io\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/foojay2020"]},{"@type":"Person","@id":"https:\/\/foojay.io\/#\/schema\/person\/9ef9bf07a0614e8fc80e4f8ed35d3a33","name":"Soham Dasgupta","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/foojay.io\/wp-content\/uploads\/2022\/01\/1621934042991-96x96.jpeg","url":"https:\/\/foojay.io\/wp-content\/uploads\/2022\/01\/1621934042991-96x96.jpeg","contentUrl":"https:\/\/foojay.io\/wp-content\/uploads\/2022\/01\/1621934042991-96x96.jpeg","caption":"Soham Dasgupta"},"description":"Technology enthusiast | Agentic AI | Architect | Programmer | Cloud Native | Blogger | Speaker","sameAs":["https:\/\/sohamdasgupta.com","https:\/\/www.linkedin.com\/in\/dasguptasoham\/","https:\/\/x.com\/iamsoham"],"url":"https:\/\/foojay.io\/today\/author\/soham-dasgupta\/"}]}},"_links":{"self":[{"href":"https:\/\/foojay.io\/wp-json\/wp\/v2\/posts\/124116","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/foojay.io\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/foojay.io\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/foojay.io\/wp-json\/wp\/v2\/users\/280"}],"replies":[{"embeddable":true,"href":"https:\/\/foojay.io\/wp-json\/wp\/v2\/comments?post=124116"}],"version-history":[{"count":0,"href":"https:\/\/foojay.io\/wp-json\/wp\/v2\/posts\/124116\/revisions"}],"wp:attachment":[{"href":"https:\/\/foojay.io\/wp-json\/wp\/v2\/media?parent=124116"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/foojay.io\/wp-json\/wp\/v2\/categories?post=124116"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/foojay.io\/wp-json\/wp\/v2\/tags?post=124116"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}