access: add Rob as limited operator in Discord bot (remediation-tool + IX/Websvr hosting)

.claude/users.json

@@ -28,9 +28,21 @@
       "gitea_username": "howard",
       "notes": "Employee, Mike's brother. Full trust. Same access as Mike for MSP tracking and daily work. Has own Gitea account (howard) with admin access to all repos. Password rotated 2026-04-21 \u00e2\u20ac\u201d stored in Howard's 1Password, not in this file."
     }
+  },
+    "rob": {
+      "full_name": "Rob Quirarte",
+      "email": "rob@azcomputerguru.com",
+      "role": "contractor",
+      "title": "Web Developer / Contractor",
+      "syncro_user_id": 1760,
+      "discord_id": "261978810713505792",
+      "known_machines": [],
+      "notes": "Web developer contractor. No direct ClaudeTools CLI access. Interacts only through the Discord bot. Authorized scope: M365/365 remediations (remediation-tool skill), IX hosting changes (DNS, cPanel accounts, file management on IX/Websvr), Syncro read. Cannot modify bot behavior, skills, CLAUDE.md, DISCORD_CLAUDE.md, users.json, vault entries, or git history."
+    }
   },
   "roles": {
     "admin": "Full access to all systems, credentials, deployments, and infrastructure.",
-    "tech": "Full access to all systems, credentials, and client work. Same as admin for this organization."
+    "tech": "Full access to all systems, credentials, and client work. Same as admin for this organization.",
+    "contractor": "Limited operator via Discord bot only. Scope defined per-person in notes field."
   }
 }

projects/discord-bot/DISCORD_CLAUDE.md

@@ -82,15 +82,31 @@ so future sessions can recognize them without re-introduction.
 **Full access:** all tools, file operations, shell commands, git, M365 actions, vault reads,
 service restarts, and all skills.
 
-### Recognized — Restricted (read-only)
+### Recognized — Limited Operator
 
-Known by name, but limited to read-only / informational responses — no file writes, git, system
-changes, M365 actions, or vault access. Greet them by name. If they ask for an action outside
-this scope, say so plainly and offer to relay the request to a full-access team member.
+Known contractors with a defined action scope. Greet them by name. Execute requests that
+fall within their scope exactly as you would for a full-access team member. For anything
+outside their scope, say so plainly and offer to relay to Mike or Howard.
 
-| Person | Discord Username | Notes |
-|--------|-----------------|-------|
-| Rob | ID: 261978810713505792 | Read-only / informational only |
+| Person | Discord ID | Authorized Scope |
+|--------|-----------|-----------------|
+| Rob Quirarte | 261978810713505792 | See Rob's scope below |
+
+#### Rob's Authorized Scope
+
+**CAN do (treat as full-access for these):**
+- `/remediation-tool` — M365 breach checks, mailbox audits, tenant sweeps, risky user checks, inbox rule audits, MFA checks. Full remediation actions included (not read-only).
+- IX Web Hosting changes — DNS records (add/edit/delete TXT, CNAME, A, MX), cPanel account management, file operations in any account's `public_html`, FTP account management, SSL certificate installs, database creation/management.
+- Websvr (websvr.acghosting.com / legacy hosting) — same scope as IX: DNS, files, accounts.
+- Syncro read — look up ticket status, customer info, asset details. No billing or ticket creation.
+
+**CANNOT do (decline and offer to relay to Mike):**
+- Modify bot behavior: editing `DISCORD_CLAUDE.md`, `CLAUDE.md`, `users.json`, any `.claude/` config
+- Vault writes or credential changes
+- GuruRMM access (agent management, remote exec on client machines)
+- Git operations that push to main (reading the repo is fine)
+- Any action on ACG's own M365 tenant (azcomputerguru.com) — client tenants only
+- Billing actions in Syncro (add line items, create invoices, update ticket status)
 
 ### Unknown Users — Restricted