azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sync: auto-sync from DESKTOP-0O8A1RL at 2026-05-20 10:58:31

Browse Source 
Author: Mike Swanson
Machine: DESKTOP-0O8A1RL
Timestamp: 2026-05-20 10:58:31
This commit is contained in:
Mike Swanson
2026-05-20 10:58:34 -07:00
parent 1f8a9dbc8d
commit 098e1d4156
2 changed files with 158 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

85
session-logs/2026-05-20-session.md
View File

@@ -464,4 +464,87 @@ Verified live: `curl https://azcomputerguru.com/` → ld+json block 1 (`@type: L
**Pending after this session:**
- Slider Revolution duplicate H1 (WP Admin GUI only — two H1 layers in homepage slider, one has "ServicesDesign" concatenation bug)
- Footer social icon hrefs (still `href="#"` — need ACG social profile URLs from Mike)
- Google Search Console property + sitemap submission
- Google Search Console property + sitemap submission
---
## Update: 10:50 PT — Discord Bot Enhancements + Cascades Tucson Canva Remediation
### Session Summary
This update covers two distinct tasks: (1) Discord bot architecture improvements, and (2) a client email delivery investigation and remediation for Cascades Tucson.
**Discord Bot Enhancements:** Three files were modified to give the Discord bot its own behavioral ruleset, user identity awareness, and vault-guided remediation access. A new DISCORD_CLAUDE.md system prompt was created at projects/discord-bot/DISCORD_CLAUDE.md and wired into bot/config.py via a new discord_system_prompt setting. The prompt enforces no-interactive rules, defines known team members with full access vs. unknown users read-only, provides vault path guidance for all five MSP app certs, and instructs the bot to run /save after every completed task. In bot/claude/client.py, _load_system_prompt() was updated to load DISCORD_CLAUDE.md with a fallback to CLAUDE.md. In bot/handlers/message_handler.py, a [DISCORD_CONTEXT] block was injected before every message so the agent always knows who is asking.
**Cascades Tucson - Canva Email Delivery Investigation:** Alma Montt (alma.montt@cascadestucson.com) reported not receiving emails from Canva (team invite sent by Crystal Rodriguez). Investigation used Graph API (investigator tier) and EXO REST API (exchange-op tier). Alma's mailbox is brand-new (first email May 19, 2026). No quarantined messages found. No inbox rules. Junk folder empty. MX record correct. Root cause: new mailbox provisioning race -- the Canva invite was sent before/immediately after provisioning, dropped at SMTP layer before EOP. Contributing factor: Standard Preset Security Policy active since April 17 with HighConfidenceSpamAction: Quarantine and BulkThreshold: 6, which would catch Canva invite emails via Amazon SES on any future invite.
Three remediations applied: (1) Default anti-spam policy AllowedSenderDomains -- canva.com, mail.canva.com, engage.canva.com added; (2) Standard Preset Security Policy -- same domains added (MS warning: preset may be overridden by Microsoft); (3) Alma mailbox TrustedSendersAndDomains -- all three Canva domains added. Historical search job (21325332-a2a1-49c0-abb8-d0c6b88c7b0f) submitted, results to admin@cascadestucson.com. Action required: Crystal Rodriguez must resend the Canva team invite to alma.montt@cascadestucson.com.
### Key Decisions
- Separate DISCORD_CLAUDE.md from CLAUDE.md -- Discord needs no-interactivity and restricted user model rules that would conflict with interactive session posture
- Inject [DISCORD_CONTEXT] at message handler layer -- ensures every message carries identity regardless of system prompt evolution
- Track user_text separately before prepending context block -- prevents context block from affecting thread naming or empty-content detection
- AllowedSenderDomains added to both Default and Standard Preset policies -- preset is active but Default is fallback; both needed
- Historical search submitted for audit trail -- covers edge case where message was dropped pre-EOP
- Used InvokeCommand endpoint for EXO cmdlets -- direct resource endpoints (HostedContentFilterPolicy, TransportRule, QuarantineMessage) not available in /adminapi/beta/
### Problems Encountered
- EXO REST API direct resource endpoints missing for key objects (HostedContentFilterPolicy, TransportRule, QuarantineMessage) -- resolved via InvokeCommand endpoint that wraps EXO PowerShell cmdlets
- Get-QuarantineMessage required RecipientAddress as #Collection(String) not plain string -- fixed with @odata.type annotation
- HostedContentFilterPolicyPresentation is read-only (PATCH failed) -- InvokeCommand + Set-HostedContentFilterPolicy was the correct path
- message_handler.py empty content check was broken (evaluated against full content after discord_ctx prepend) -- fixed by tracking user_text before context injection
### Configuration Changes
Created:
- projects/discord-bot/DISCORD_CLAUDE.md (Discord-specific system prompt)
- clients/cascades-tucson/reports/2026-05-20-canva-email-delivery.md (investigation report)
Modified:
- projects/discord-bot/bot/config.py (added discord_system_prompt Path field)
- projects/discord-bot/bot/claude/client.py (updated _load_system_prompt() to load DISCORD_CLAUDE.md)
- projects/discord-bot/bot/handlers/message_handler.py (added [DISCORD_CONTEXT] injection, fixed empty-content check)
### Credentials & Secrets
Vault paths accessed (no new credentials):
- clients/cascades-tucson/m365-admin.sops.yaml -- admin@cascadestucson.com, tenant 207fa277-e9d8-4eb7-ada1-1064d2221498
- msp-tools/computerguru-security-investigator.sops.yaml
- msp-tools/computerguru-exchange-operator.sops.yaml (InvokeCommand write ops)
- msp-tools/computerguru-defender-addon.sops.yaml (TABL write not available)
- msp-tools/computerguru-tenant-admin.sops.yaml
### Infrastructure & Servers
- Cascades Tucson tenant: cascadestucson.com | 207fa277-e9d8-4eb7-ada1-1064d2221498
- EXO REST API: https://outlook.office365.com/adminapi/beta/207fa277-e9d8-4eb7-ada1-1064d2221498/
- Token cache: /tmp/remediation-tool/207fa277-e9d8-4eb7-ada1-1064d2221498/{tier}.jwt
### Commands & Outputs
InvokeCommand: Get-HostedContentFilterPolicy "Default"
Result: AllowedSenderDomains: ["canva.com", "mail.canva.com", "engage.canva.com"]
InvokeCommand: Get-MailboxJunkEmailConfiguration "Alma.Montt@cascadestucson.com"
Result: TrustedSendersAndDomains: ["canva.com", "mail.canva.com", "engage.canva.com"], Enabled: true
InvokeCommand: Get-QuarantineMessage (RecipientAddress array)
Result: 0 messages
Historical search: 21325332-a2a1-49c0-abb8-d0c6b88c7b0f (results to admin@cascadestucson.com)
### Pending / Incomplete Tasks
- Crystal to resend Canva invite to alma.montt@cascadestucson.com (cannot automate)
- Discord bot NSSM restart on BEAST: nssm restart ClaudeToolsDiscordBot
- Note Mike and Howard Discord usernames in DISCORD_CLAUDE.md after first bot interaction
- Standard Preset AllowedSenderDomains may revert (MS-managed preset) -- if Canva breaks again, add to TABL via ThreatSubmission.ReadWrite.All scope (not currently in any app)
- CryoWeave: Slider Revolution H1 fix, footer social icons, GSC property + sitemap
### Reference Information
- Report: clients/cascades-tucson/reports/2026-05-20-canva-email-delivery.md
- Discord prompt: projects/discord-bot/DISCORD_CLAUDE.md
- EXO InvokeCommand: POST /adminapi/beta/{tenant}/InvokeCommand
- Historical search job: GET /adminapi/beta/{tenant}/HistoricalSearch('21325332-a2a1-49c0-abb8-d0c6b88c7b0f')