Task 5 one-line registry descriptions on the 8 biggest skills (remediation-tool,
gc-audit, packetdial, memory-dream, human-flow, self-check, impeccable,
mailprotector); skill-description injection ~3320 -> ~2123 tokens (~36%),
keyword triggers preserved, frontmatter valid.
Task 7 thinned /save + /sync bodies to point at sync.sh (single source) instead of
re-documenting internals; Phase 0 save-vs-sync, cross-user notes, exit-75
reporting kept verbatim; mechanical sync never depends on an LLM step.
Task 10 session-logs/YYYY-MM/ forward convention for new logs (scoped-grep recall,
no monolithic index); existing flat logs untouched (grep covers both).
Bash now-phoenix.sh helper (fixed UTC-7 epoch math; replaces unreliable
TZ=America/Phoenix date that silently returns UTC on Git-Bash).
P0 (1.2.0) + Task 6 CLAUDE split + Task 9 delegation (1.3.0) already shipped.
Spec: specs/claudetools-harness-optimization/plan.md.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
5.2 KiB
5.2 KiB
name, description
| name | description |
|---|---|
| remediation-tool | M365 tenant investigation + remediation via the ComputerGuru MSP app suite (Security Investigator/Exchange Operator/User Manager/Tenant Admin/Defender). Direct Graph+Exchange REST (not CIPP). Triggers: 365 remediation, breach/credential-stuffing check, check a mailbox, inbox rules, mailbox forwarding, delegate/SendAs audit, OAuth consent, sign-in/risky-user lookup, tenant sweep. |
365 Remediation Tool
Read-only by default. All remediation actions require explicit YES confirmation in chat (not a permission prompt).
App Architecture (Tiered)
Five multi-tenant apps cover distinct privilege tiers. Use only what the task requires.
| Tier | App display name | App ID | Vault file | Scope |
|---|---|---|---|---|
investigator |
ComputerGuru Security Investigator | bfbc12a4-f0dd-4e12-b06d-997e7271e10c |
computerguru-security-investigator.sops.yaml |
Graph read-only |
investigator-exo |
ComputerGuru Security Investigator | bfbc12a4-f0dd-4e12-b06d-997e7271e10c |
computerguru-security-investigator.sops.yaml |
Exchange Online read |
exchange-op |
ComputerGuru Exchange Operator | b43e7342-5b4b-492f-890f-bb5a4f7f40e9 |
computerguru-exchange-operator.sops.yaml |
Exchange Online write |
user-manager |
ComputerGuru User Manager | 64fac46b-8b44-41ad-93ee-7da03927576c |
computerguru-user-manager.sops.yaml |
Graph user/group write |
tenant-admin |
ComputerGuru Tenant Admin | 709e6eed-0711-4875-9c44-2d3518c47063 |
computerguru-tenant-admin.sops.yaml |
Graph high-privilege |
defender |
ComputerGuru Defender Add-on | dbf8ad1a-54f4-4bb8-8a9e-ea5b9634635b |
computerguru-defender-addon.sops.yaml |
Defender ATP (MDE only) |
Default for breach checks: use investigator (Graph) + investigator-exo (Exchange read). Escalate to write tiers only when remediating.
Auto-Invocation Behavior
When triggered automatically (vs. via /remediation-tool), follow the same workflow in .claude/commands/remediation-tool.md:
- Parse the user's intent into a subcommand (check/sweep/signins/consent-url/remediate).
- Resolve tenant ID from domain.
- Acquire tokens via
get-token.sh <tenant> <tier>— use lowest-privilege tier needed. - Run checks via scripts in
scripts/. - Interpret findings using
references/checklist.md. - Write report to
clients/{slug}/reports/YYYY-MM-DD-{action}.mdusingtemplates/breach-report.md. - Chat summary + delegate commit to Gitea agent.
Before calling any script, verify
- The SOPS vault is accessible via
.claude/identity.jsonvault_pathfield. The scripts auto-resolve the vault location from identity.json — no hardcoded paths. jq,curl,bashare available.- For Exchange REST checks: confirm the target tenant has Exchange Administrator role assigned to the Security Investigator SP (for reads) or Exchange Operator SP (for writes). If any Exchange REST call returns 403, emit the tenant-scoped Entra Roles link from
references/gotchas.md. - For Identity Protection checks:
IdentityRiskyUser.Read.Allis in the Security Investigator manifest AND the tenant has consented to that app. If 403, emit the per-app consent URL fromreferences/gotchas.md. - For Defender checks: confirm tenant has Microsoft Defender for Endpoint (MDE) license before using
defendertier — it returns AADSTS650052 otherwise.
Conventions
- Target identifiers: accept UPN, domain, or tenant GUID. Normalize to tenant GUID internally.
- Token tiers: minimum necessary privilege. Never use
tenant-adminfor a read-only check. - Token cache:
/tmp/remediation-tool/{tenant-id}/{tier}.jwt. TTL 55 minutes. Check-mmin -55before reuse. - Raw JSON artifacts:
/tmp/remediation-tool/{tenant-id}/{check}/— keep so the user can re-analyze. - Reports:
clients/{slug}/reports/YYYY-MM-DD-{action}.md. Derive slug from domain (strip TLD, hyphenate). - UTC dates everywhere.
Scope boundaries
- Not a replacement for CIPP. Use CIPP for bulk baseline configuration, templates, standards alerting. Use this tool for focused investigation and point-in-time remediation.
- Entra app registrations stay manual in the portal — don't create/modify the multi-tenant apps themselves via the tool.
- Conditional Access policies CAN be managed programmatically (Tenant Admin tier holds
Policy.ReadWrite.ConditionalAccess+ the Conditional Access Administrator role). MANDATORY discipline: (1) always create/modify in report-only (state: enabledForReportingButNotEnforced) first; (2) always exclude the tenant's break-glass account (conditions.users.excludeUsers); (3) verify impact in Entra sign-in logs before enforcing; (4) get explicit user confirmation before flipping any policy toenabledon a tenant with real users. (CA-manual boundary relaxed 2026-05-27 at Mike's direction — break-glass + report-only keep blast radius near zero.) - Not for Graph permissions the apps don't have. If a call 403s and the scope isn't in the relevant app's manifest, stop and tell the user — don't try to work around it.
- Defender tier requires MDE license. If the tenant doesn't have MDE, the token request succeeds but API calls return AADSTS650052. Check before using.