generated from coulomb/repo-seed
docs(WARDEN-WP-0014): T5 — assist-layer docs, security model, INTENT/SCOPE
- wiki/OperatorAccessAssist.md: warden access contract, conduit-vs-broker boundary, the three guardrails + catalog secret guard, lane semantics. - AccessRouting.md: issue/route/assist roles; reconciled the anti-pattern table so the transparent conduit no longer contradicts it. - credential-routing.md rule: added warden access + "standing broker forbidden, transparent --fetch sanctioned" anti-pattern. - INTENT.md: pointer→assist charter extension. SCOPE.md: implemented list + Getting Oriented + maturity A4→A5 (Availability). - history decision record for the proxy-mode choice and guardrails. WP-0014 finished (T1–T5). 172 passed, lint clean. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
@@ -11,10 +11,16 @@ other credential need belongs to another subsystem. **Do not** message
|
||||
### Lookup (do this first)
|
||||
|
||||
```bash
|
||||
warden route find "<describe your need>" --json
|
||||
warden route show <catalog-id> --json
|
||||
warden route find "<describe your need>" --json # who owns it (pointer)
|
||||
warden access "<describe your need>" --json # how to get it (handoff)
|
||||
```
|
||||
|
||||
`warden access` is the operator front door (WARDEN-WP-0014): it renders the owner,
|
||||
auth method, path template, command skeleton, and policy-gate status for any need.
|
||||
For `exec_capable` lanes it can **proxy the fetch as you** (`--fetch`/`--exec`) — it
|
||||
runs the owner's tool with **your** identity and streams the value to you; ops-warden
|
||||
never holds, caches, or logs the value. See `wiki/OperatorAccessAssist.md`.
|
||||
|
||||
Requires the `warden` CLI from `~/ops-warden` (`uv tool install .` or `uv run warden`).
|
||||
|
||||
| Agent runtime | How to orient |
|
||||
@@ -39,6 +45,10 @@ Requires the `warden` CLI from `~/ops-warden` (`uv tool install .` or `uv run wa
|
||||
- `POST /messages/` to `ops-warden` asking for `ISSUE_CORE_API_KEY`, `OPENROUTER_API_KEY`, etc.
|
||||
- Inventing `warden secret`, `warden login`, `warden bao`, `warden tunnel` — they do not exist
|
||||
- Pasting secrets into Git, State Hub, workplans, logs, or chat
|
||||
- Treating `warden access --fetch` as a *secret store*. It is a transparent conduit
|
||||
using **your** identity — it holds nothing. ops-warden as a **standing broker**
|
||||
(its own secret-read token, a cache of fetched values) is forbidden; runtime secret
|
||||
custody stays in OpenBao, authorization in flex-auth.
|
||||
|
||||
### Other capabilities (reuse-surface)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user