sync: auto-sync from GURU-5070 at 2026-06-14 10:33:33
Author: Mike Swanson Machine: GURU-5070 Timestamp: 2026-06-14 10:33:33
This commit is contained in:
@@ -139,4 +139,6 @@
|
||||
- [IX WHM API access = 'ClaudeTools' token, not password](ix-whm-dns-api-access.md) — IX cPanel/WHM (ix.azcomputerguru.com:2087) DNS + all API work uses the FULL-ACCESS-root WHM API token at vault `infrastructure/ix-server` `credentials.whm-api-token` via header `Authorization: whm root:<token>` (force curl -4). Password basic-auth on legacy json-api now 403s. Public NS ns1/ns2.acghosting.com = 52.52.94.202.
|
||||
- [Vault EVERY credential surfaced in-session](feedback-vault-every-credential.md) — any cred (pasted/created/discovered) -> store via the vault skill + document purpose & exact usage immediately; it's a standing job rule (reinforced in CORE CLAUDE.md). Lost IX creds wasted ~1h on 2026-06-12.
|
||||
- [GuruRMM install-report v1: reuse endpoint + failed-install agent](gururmm-install-report-failed-agent-v1.md) — legacy NSIS installer reuses /api/install-report (machine info + logs, success+fail); server upserts a visible "failed-install" device on failure reports (Mike: in v1); verify-connect-before-success; trend/near-fail analytics. Server side is a separate sequential SPEC after the legacy-agent branch lands.
|
||||
- [DM wrapping commands to Mike in Discord](feedback_dm_wrapping_commands_to_mike.md) — long/wrapping one-liners go via Discord DM (code block copies clean), not just chat; bot token vault projects/discord-bot/bot-token, Mike uid 264814939619721216, MUST set User-Agent header or Cloudflare 403 errcode 1010; helper .claude/tmp/discord-dm.py
|
||||
- [DM wrapping commands to Mike in Discord](feedback_dm_wrapping_commands_to_mike.md) — long/wrapping one-liners go via Discord DM (code block copies clean), not just chat; bot token vault projects/discord-bot/bot-token, Mike uid 264814939619721216, MUST set User-Agent header or Cloudflare 403 errcode 1010; helper .claude/tmp/discord-dm.py
|
||||
- [CT Thoughts backlog](feedback_ct_thoughts_backlog.md) — ClaudeTools harness ideas go in docs/CT_THOUGHTS.md (trigger "ct thought:"); CT analogue of RMM_THOUGHTS. Don't build until explicit go. First entry = ClaudeTools 3.0 web co-work vision.
|
||||
- [AI-auth product boundary](project_ai_auth_product_boundary.md) — ClaudeTools/ClaudeTools 3.0 = internal-only, per-person subscription OAuth ok; GuruRMM = sellable, customer brings own API key (never ACG's subscription); backend dev = internal. Anthropic ToS bans subscription auth in third-party products.
|
||||
|
||||
18
.claude/memory/feedback_ct_thoughts_backlog.md
Normal file
18
.claude/memory/feedback_ct_thoughts_backlog.md
Normal file
@@ -0,0 +1,18 @@
|
||||
---
|
||||
name: feedback_ct_thoughts_backlog
|
||||
description: Where ClaudeTools harness ideas go (CT_THOUGHTS.md) and the trigger phrase to append one
|
||||
metadata:
|
||||
type: feedback
|
||||
---
|
||||
|
||||
ClaudeTools harness ideas (the internal tooling itself, not client work) go in
|
||||
`docs/CT_THOUGHTS.md` — the CT analogue of [[feedback_rmm_thoughts_backlog]]'s
|
||||
RMM_THOUGHTS.md. Pipeline: thought (Status: Raw) -> discuss -> spec (`/shape-spec` or a
|
||||
concept doc) -> roadmap -> build.
|
||||
|
||||
**Why:** keeps ClaudeTools-self ideas in one durable backlog instead of evaporating into
|
||||
session logs; parallels the GuruRMM thought pipeline.
|
||||
**How to apply:** when Mike/Howard say "ct thought: <idea>" / "add to ct thoughts" / "park
|
||||
this as a ct thought", append it to `docs/CT_THOUGHTS.md` with who/when + a Status. Don't
|
||||
build until an explicit go (per [[feedback_stream_of_thought_design]]). First entry =
|
||||
ClaudeTools 3.0 web co-work vision (see [[project_ai_auth_product_boundary]] for its auth model).
|
||||
28
.claude/memory/project_ai_auth_product_boundary.md
Normal file
28
.claude/memory/project_ai_auth_product_boundary.md
Normal file
@@ -0,0 +1,28 @@
|
||||
---
|
||||
name: project_ai_auth_product_boundary
|
||||
description: Which ACG products may use Claude subscription OAuth vs must use customer/API-key auth, and why (Anthropic ToS)
|
||||
metadata:
|
||||
type: project
|
||||
---
|
||||
|
||||
Firm product/AI-auth boundary Mike set 2026-06-14, decided by Anthropic's Agent SDK ToS
|
||||
(third-party products may NOT offer claude.ai login / subscription rate limits without
|
||||
written approval):
|
||||
|
||||
- **ClaudeTools harness (incl. a future web "ClaudeTools 3.0" co-work app)** —
|
||||
ALWAYS internal-only, internal users only. May use per-person Claude subscription OAuth
|
||||
(`CLAUDE_CODE_OAUTH_TOKEN` via `claude setup-token`). Compliant pattern = each node/workstation
|
||||
authenticates with THAT person's own token (Mike's on Mike's boxes, Howard's on his); the hub
|
||||
never centralizes one subscription to serve many. Note: as of 2026-06-15 subscription-backed
|
||||
Agent SDK usage draws on a separate monthly credit pool (~$100-200 Max), not unlimited — spill
|
||||
to API key when exhausted.
|
||||
- **GuruRMM** — SELLABLE product. AI features must use the CUSTOMER's own dropped-in API key
|
||||
(per-tenant `ANTHROPIC_API_KEY`), never ACG's subscription. Build RMM AI auth around BYO-key
|
||||
from day one.
|
||||
- **Backend dev work (e.g. GuruRMM log-analysis dev side)** — always internal.
|
||||
|
||||
**Why:** subscription OAuth is fine for internal/own use but ToS-banned for offering to external
|
||||
users; getting this wrong on a sellable product is a hard compliance line, not grey.
|
||||
**How to apply:** ClaudeTools 3.0 web design assumes per-person subscription tokens on each node
|
||||
(internal). Anything customer-facing (GuruRMM) = customer-provided API keys. See
|
||||
[[feedback_stream_of_thought_design]] for the design-partner posture on this early-stage vision.
|
||||
Reference in New Issue
Block a user