- clients/glaztech/session-logs/2026-04-20-session.md: Exchange Online
transport rule created to bypass DMARC for clearcutglass.com
- session-logs/2026-04-20-session.md: update with 12:55 work
- .claude/commands/syncro.md: fix billing workflow — comment endpoint
silently drops time fields; use timer_entry endpoint instead
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Extract Ollama docs and PROJECT_STATE locking protocol to on-demand
reference files. Trim Work Mode to detection table only. Remove verbose
anti-pattern examples and credential encryption details.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Rewrote get-token.sh: tiered app system (investigator/exchange-op/user-manager/tenant-admin/defender)
- Updated SKILL.md, command, gotchas, checklist, graph-endpoints for new app suite
- Cascades breach check: mailbox clean, inbound phishing received by John, DMARC gap noted
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
