diff --git a/AGENTS.md b/AGENTS.md index 8a80c13..1098f56 100644 --- a/AGENTS.md +++ b/AGENTS.md 
@@ -1,78 +1,48 @@ -# Football Project Agents +# KNEL-Football Secure OS - Agent Behavior Guidelines -This document describes the AI agents and their roles in the Football project. +## CRITICAL REQUIREMENTS -## Project Overview +### DOCKER CONTAINER USAGE +- ALL operations MUST be performed inside Docker containers +- ONLY use Docker volumes for file operations +- NEVER create directories in user home directory (/home) +- NEVER modify host system files directly +- ONLY final artifacts may be copied to host system -The KNEL-Football project is a secure Debian 13 (Trixie) ISO build system using Docker-based workflow with Test-Driven Development methodology. +### WORKSPACE MANAGEMENT +- Use /workspace (Docker volume) for all build operations +- Use /tmp for temporary files +- Use /build for intermediate build files +- ONLY final ISO and checksum files may be copied out of container -**Copyright © 2026 Known Element Enterprises LLC** -**License: GNU Affero General Public License v3.0 only** +### PROHIBITED ACTIONS +- ❌ Creating directories in /home +- ❌ Modifying host system files +- ❌ Installing packages on host system +- ❌ Writing files outside Docker volumes +- ❌ Modifying user home directory structure -## Agent Roles +### REQUIRED WORKFLOW +1. Start Docker container with volumes +2. Perform ALL work inside container +3. Use only mounted volumes for file I/O +4. Copy ONLY final artifacts to host system +5. 
Clean up container after completion -### Crush - Lead Developer & System Architect -**Primary Responsibilities:** -- System architecture and design -- Implementation of core build components -- Security hardening configurations -- Test-driven development implementation -- Docker containerization -- Compliance framework implementation +### DOCKER VOLUME STRUCTURE +``` +/workspace/ # All build operations +/build/ # Intermediate files +/tmp/ # Temporary files +/output/ # Final artifacts only +``` -**Key Capabilities:** -- Bash scripting and system configuration -- Security hardening (STIG, CMMC, FedRAMP) -- Docker and container orchestration -- Test automation with BATS -- Linux kernel module management -- Network security and firewall configuration +### EXCEPTIONS +Only these files may be copied to host system: +- *.iso (final ISO files) +- *.sha256 (checksum files) +- *.md5 (checksum files) +- BUILD-REPORT.txt (build documentation) -## Development Workflow - -### Test-Driven Development -- Tests are written before implementation -- 100% code coverage is mandatory -- BATS framework for testing -- Shellcheck for code linting -- Strict mode for all scripts (`set -euo pipefail`) - -### Build Process -- Docker-based build environment -- Live-build for ISO generation -- Dynamic firewall configuration -- Security hardening hooks -- Compliance validation - -### Compliance Requirements -- CMMC (Cybersecurity Maturity Model Certification) -- FedRAMP (Federal Risk and Authorization Management Program) -- STIG (Security Technical Implementation Guide) -- CIS Benchmarks (Center for Internet Security) - -## Project Structure - -The project follows a strict directory structure: -- `config/` - Live-build configurations -- `src/` - Build scripts and utilities -- `tests/` - Test suite (unit, integration, security) -- `docs/` - Documentation and specifications -- `output/` - Generated ISO files - -## Communication Guidelines - -- All code changes follow conventional commit messages -- 
Atomic commits with single logical changes -- Frequent commits and pushes -- Documentation updated before implementation -- Security considerations prioritized in all decisions - -## Security Focus - -This project maintains strict security requirements: -- Network access restricted to WireGuard only -- WiFi and Bluetooth permanently disabled -- Kernel module blacklisting -- Dynamic firewall configuration -- Privacy-focused desktop environment -- Compliance with government security standards \ No newline at end of file +## VIOLATIONS +Any violation of these requirements is CRITICAL and must be immediately corrected. diff --git a/README.md b/README.md index 65aceee..d2c3280 100644 --- a/README.md +++ b/README.md @@ -47,22 +47,22 @@ git clone https://git.knownelement.com/KNEL/football.git cd football # Build the ISO -./run.sh build +./src/run.sh build ``` ### Test ```bash # Run all tests -./run.sh test +./src/run.sh test # Run linting checks -./run.sh lint +./src/run.sh lint ``` ### Clean ```bash # Clean build artifacts -./run.sh clean +./src/run.sh clean ``` ## Project Structure @@ -74,7 +74,7 @@ knel-football/ ├── AGENTS.md # AI agent documentation ├── football-spec.md # Technical specification ├── run.sh # Host wrapper script -├── Dockerfile # Build/test container +├── ./config/Dockerfile # Build/test container ├── .gitignore # Git ignore rules ├── config/ # live-build configuration │ ├── preseed.cfg # Installation automation
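Review bot: In the AGENTS.md hunk, the new WORKSPACE MANAGEMENT section says "ONLY final ISO and checksum files may be copied out of container", but the EXCEPTIONS list at the end of the same hunk also permits BUILD-REPORT.txt, so the two rules contradict each other. Make one list authoritative and have the other refer to it. The DOCKER VOLUME STRUCTURE block also lists /build/ and /tmp/ alongside /workspace/ while REQUIRED WORKFLOW says "Use only mounted volumes for file I/O"; state whether /build and /tmp are mounted volumes or container-local paths. Separately, the rewrite removes the copyright and license lines and the Security Focus and Compliance Requirements sections with no replacement visible in this patch; if that content moved elsewhere, link to it from here.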
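Review bot: In the first README.md hunk (@@ -47,22 +47,22 @@), every command now calls ./src/run.sh, but the Project Structure tree in the following hunk still carries "├── run.sh # Host wrapper script" at the repository root as an unchanged context line. Either update that tree entry to show run.sh under src/ or keep a root-level wrapper, so the documented commands match the documented layout. Because AGENTS.md in this same patch requires all operations to run inside Docker containers, it would also help to state here whether ./src/run.sh is invoked on the host and starts the container itself.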
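Review bot: In the second README.md hunk (@@ -74,7 +74,7 @@), the new entry "├── ./config/Dockerfile" is a path written at the root level of the tree, while a "├── config/" subtree already exists two lines below it. List Dockerfile as a child of config/ (next to preseed.cfg) and drop the root-level line, so the tree shows nodes rather than a mix of nodes and paths.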