Create scoped-gitea-token task
Task 7 (Tier 1 Security). Pokerole isolation. Date: 2026-02-16
This commit is contained in:
27
docs/tasks/scoped-gitea-token/README.md
Normal file
27
docs/tasks/scoped-gitea-token/README.md
Normal file
@@ -0,0 +1,27 @@
|
||||
# Scoped Gitea Token for Pokerole Project
|
||||
|
||||
**Status:** Ready
|
||||
**Priority:** Tier 1 - Security
|
||||
**Time:** 15 minutes
|
||||
**Depends:** Vaultwarden operational
|
||||
**Last Updated:** 2026-02-16
|
||||
|
||||
## Overview
|
||||
Create scoped Gitea API token limited to Pokerole repos only. Replace master token with defense-in-depth boundary enforcement.
|
||||
|
||||
## Problem
|
||||
Pokerole project currently uses master Gitea token with "honor system" scoping. Iron Wall principle: enforce technically, not socially.
|
||||
|
||||
## Actions
|
||||
1. Create new Gitea token scoped to 4 Pokerole repos only
|
||||
2. Store in Vaultwarden
|
||||
3. Update `pokerole-project/misc-docs/SESSION-START-PROMPT.md`
|
||||
4. Test Claudius access (Pokerole repos ONLY)
|
||||
5. Remove master token reference
|
||||
|
||||
## Success Criteria
|
||||
- ✅ Scoped token created and stored
|
||||
- ✅ Claudius isolated from Firefrost infrastructure
|
||||
- ✅ Defense in depth enforced
|
||||
|
||||
**Fire + Frost + Foundation** 💙🔥❄️
|
||||
Reference in New Issue
Block a user