guru-connect/specs/v2-secure-session-core/standards.md
Mike Swanson 81e4b99a34
All checks were successful
Build and Test / Build Agent (Windows) (push) Successful in 7m2s
Build and Test / Build Server (Linux) (push) Successful in 10m41s
Build and Test / Security Audit (push) Successful in 4m17s
Build and Test / Build Summary (push) Successful in 8s
spec: add v2-secure-session-core shape spec
Phase 1 of SPEC-002 (GuruConnect v2). Keystone-first plan: Tasks 1-4
rebuild the auth/session core that closes the 3 audit CRITICALs by design
(per-agent cak_ keys, plane separation, session-scoped viewer tokens,
blacklist+frame-caps+throttle on the relay WS, single-use rate-limited
support codes, tenancy-ready schema); Tasks 5-7 deliver attended consent,
native full key fidelity (WH_KEYBOARD_LL hook, scan-code injection, SAS
Ctrl+Alt+Del), and HW H.264 with raw+Zstd fallback. plan/shape/references/
standards.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 18:15:37 -07:00


v2 Secure Session Core — Applicable Standards

The following standards from .claude/standards/ apply to this feature.

security/credential-handling

No hardcoded credentials — JWT secret and the integration/agent keys come from env/SOPS only. Argon2id for passwords (keep). Per-agent keys and viewer tokens are hashed at rest and short-lived; log every auth attempt (success and failure). Directly governs Tasks 24 (the whole point of the phase).

Source: .claude/standards/security/credential-handling.md

api/response-format

RESTful plural nouns, kebab-case multi-word segments (/viewer-token), a consistent error envelope ({ detail, error_code, status_code } — and do NOT leak raw e.to_string(), the audit's Pass B finding), pagination where lists grow, idempotent sqlx migrations. Governs the new endpoints in Tasks 2/4.

Source: .claude/standards/api/response-format.md
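
The envelope rule above, as an added example in std-only Rust (not code from the GuruConnect repository): the raw error is written to the server log with an ASCII marker, and the client receives only fixed strings in { detail, error_code, status_code }. The AppError type, the error_code values and the respond helper are assumptions made for illustration.

```rust
// Hypothetical internal error type (assumption, not GuruConnect's own).
#[derive(Debug)]
pub enum AppError {
    NotFound(&'static str), // resource kind, safe to show the client
    Unauthorized,
    Database(String), // raw driver text: server log only
}

pub struct ErrorEnvelope {
    pub detail: String,
    pub error_code: &'static str, // stable, machine-readable (values assumed)
    pub status_code: u16,
}

// Client-facing mapping: only fixed strings and the resource kind cross this line.
pub fn envelope(e: &AppError) -> ErrorEnvelope {
    let (detail, error_code, status_code) = match e {
        AppError::NotFound(kind) => (format!("{} not found", kind), "not_found", 404),
        AppError::Unauthorized => ("authentication required".to_string(), "unauthorized", 401),
        AppError::Database(_) => ("internal server error".to_string(), "internal_error", 500),
    };
    ErrorEnvelope { detail, error_code, status_code }
}

// Logs the full error server-side and returns (HTTP status, JSON body).
pub fn respond(e: &AppError) -> (u16, String) {
    eprintln!("[ERROR] {:?}", e); // the raw error text stays in the log
    let env = envelope(e);
    // Minimal JSON string escaping; detail is built from fixed strings only.
    let detail = env.detail.replace('\\', "\\\\").replace('"', "\\\"");
    let body = format!(
        "{{\"detail\":\"{}\",\"error_code\":\"{}\",\"status_code\":{}}}",
        detail, env.error_code, env.status_code
    );
    (env.status_code, body)
}

fn main() {
    // Constructed sample error text, standing in for a driver message.
    let e = AppError::Database("constructed: role \"gc_app\" denied on connect_agent_keys".into());
    println!("{:?}", respond(&e));
    println!("{:?}", respond(&AppError::NotFound("viewer-token")));
    println!("{:?}", respond(&AppError::Unauthorized));
}
```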

gururmm/sqlx-migrations

Never manually pre-apply migrations; use CREATE TABLE IF NOT EXISTS / ADD COLUMN IF NOT EXISTS; let the server apply its own migrations on startup and record them in _sqlx_migrations. Governs Task 1 (the v2 schema). (GC is PostgreSQL like RMM, so RMM's checksum/INET lessons transfer.)

Source: .claude/standards/gururmm/sqlx-migrations.md

gururmm/platform-parity

Agent features must not silently no-op on a platform — a no-op without a // TODO(platform): <os> stub is a bug. GC's agent is Windows-first, so this mostly governs the raw+Zstd codec fallback (Task 7 — the Win7/no-HW path must work, not silently produce nothing) and any server code that branches on OS.

Source: .claude/standards/gururmm/platform-parity.md

conventions/naming

Rust snake_case functions/vars, PascalCase types; protobuf PascalCase messages / snake_case fields; database snake_case tables/columns. Governs the new proto messages (Task 5/7), the connect_agent_keys schema (Task 1), and all new Rust.

Source: .claude/standards/conventions/naming.md

conventions/no-emojis

Never use emojis in code, comments, logs, commit messages, or output — ASCII markers only ([OK]/[ERROR]/[WARNING]/[INFO]). Applies to everything written this phase.

Source: .claude/standards/conventions/no-emojis.md

git/commit-style

Conventional commit types (feat:/fix:/docs:/refactor:), Co-Authored-By trailer on Claude commits, never commit secrets or build artifacts. Governs Task 0 and every task commit. (Conventional commits also drive GC's auto-versioning per SPEC-001 §3.)

Source: .claude/standards/git/commit-style.md