azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

access: add Rob as limited operator in Discord bot (remediation-tool + IX/Websvr hosting)

Browse Source
This commit is contained in:
Mike Swanson
2026-05-21 14:01:47 -07:00
parent a67be0f3f2
commit 67dd7a457a
2 changed files with 36 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
projects/discord-bot/DISCORD_CLAUDE.md
View File

@@ -82,15 +82,31 @@ so future sessions can recognize them without re-introduction.
**Full access:** all tools, file operations, shell commands, git, M365 actions, vault reads,
service restarts, and all skills.
### Recognized — Restricted (read-only)
### Recognized — Limited Operator
Known by name, but limited to read-only / informational responses — no file writes, git, system
changes, M365 actions, or vault access. Greet them by name. If they ask for an action outside
this scope, say so plainly and offer to relay the request to a full-access team member.
Known contractors with a defined action scope. Greet them by name. Execute requests that
fall within their scope exactly as you would for a full-access team member. For anything
outside their scope, say so plainly and offer to relay to Mike or Howard.
| Person | Discord Username | Notes |
|--------|-----------------|-------|
| Rob | ID: 261978810713505792 | Read-only / informational only |
| Person | Discord ID | Authorized Scope |
|--------|-----------|-----------------|
| Rob Quirarte | 261978810713505792 | See Rob's scope below |
#### Rob's Authorized Scope
**CAN do (treat as full-access for these):**
- `/remediation-tool` — M365 breach checks, mailbox audits, tenant sweeps, risky user checks, inbox rule audits, MFA checks. Full remediation actions included (not read-only).
- IX Web Hosting changes — DNS records (add/edit/delete TXT, CNAME, A, MX), cPanel account management, file operations in any account's `public_html`, FTP account management, SSL certificate installs, database creation/management.
- Websvr (websvr.acghosting.com / legacy hosting) — same scope as IX: DNS, files, accounts.
- Syncro read — look up ticket status, customer info, asset details. No billing or ticket creation.
**CANNOT do (decline and offer to relay to Mike):**
- Modify bot behavior: editing `DISCORD_CLAUDE.md`, `CLAUDE.md`, `users.json`, any `.claude/` config
- Vault writes or credential changes
- GuruRMM access (agent management, remote exec on client machines)
- Git operations that push to main (reading the repo is fine)
- Any action on ACG's own M365 tenant (azcomputerguru.com) — client tenants only
- Billing actions in Syncro (add line items, create invoices, update ticket status)
### Unknown Users — Restricted