TenantAtlas/.agent/skills/repo-contracts/workspace-scope-safety/SKILL.md
ahmido 332f6325cb feat: add tenantpilot agent skill layer v1 (#483)
Automated PR provided by Codex via Gitea API.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #483
2026-06-25 23:03:47 +00:00

97 lines
4.2 KiB
Markdown

---
name: tenantpilot-workspace-scope-safety
description: Hard-gate workspace, managed-environment, provider-connection, and tenant-scope safety for TenantPilot changes.
---
## Purpose
Use this skill to prevent workspace, managed-environment, provider-connection, or tenant-scope leakage in runtime code, specs, tests, jobs, routes, downloads, exports, and review surfaces.
## Activate When
- Touching models, migrations, policies, queries, route model binding, relation managers, exports, downloads, jobs, or services with workspace or managed-environment data.
- Introducing or reading provider connection scope.
- Handling user-supplied IDs, route parameters, signed links, queued job payloads, or background operation context.
- Reviewing whether non-member access should be 404 and member-missing-capability should be 403.
## Do Not Activate When
- The task is docs-only and does not describe scope, ownership, authorization, or runtime data semantics.
- The task only reads completed historical artifacts as context.
## Maturity
L4 hard gate.
## Gate Type
hard-gate.
## Source Evidence
- `.specify/memory/constitution.md`
- `docs/security-guidelines.md`
- `docs/architecture-guidelines.md`
- `docs/ai-coding-rules.md`
- `specs/402-resource-policy-authorization-proof-matrix/implementation-report.md`
- `specs/415-generic-content-backed-capture/implementation-report.md`
- `apps/platform/app/Policies/ProviderConnectionPolicy.php`
- `apps/platform/app/Support/Rbac/UiEnforcement.php`
- `apps/platform/app/Support/Rbac/WorkspaceUiEnforcement.php`
- `apps/platform/tests/Feature/Rbac/ProviderConnectionAccessBoundaryTest.php`
- `apps/platform/tests/Feature/TenantConfiguration/Spec415ProviderConnectionScopeTest.php`
## External Anchors
Not applicable.
## Required Repo Context
- Owning model relationships and casts.
- Migrations and constraints for the touched tables.
- Existing policies/gates and capability registry usage.
- Query scopes, relation managers, route bindings, controller lookups, and queued job payloads.
- Positive and negative tests for same-workspace and cross-workspace behavior.
## Execution Checklist
- Resolve workspace before managed environment and provider connection.
- Verify provider connections are same-workspace and same-managed-environment when used for environment-owned work.
- Use scoped lookups instead of `find()` or fallback-to-first/latest behavior.
- Make non-member or wrong-scope access deny-as-not-found.
- Keep provider-native tenant identifiers as metadata, not platform-core ownership truth.
- Validate queued jobs re-resolve scope from trusted IDs before work.
- Add or update negative tests for guessed IDs, wrong workspace, wrong managed environment, and wrong provider connection where runtime behavior changes.
## Stop Conditions
- Runtime code introduces `tenant_id` as platform-core ownership truth.
- A lookup can resolve records outside the current workspace or managed environment.
- A provider connection can be attached to or used for the wrong workspace/environment.
- Code falls back to first, latest, default, or implicit records when scope cannot be resolved.
- Cross-workspace data can be rendered, exported, downloaded, queued, mutated, or linked.
- Scope-sensitive behavior lacks a negative test and the change is runtime/security-relevant.
## Required Evidence After Use
- Scoped lookup path and owner columns.
- Authorization result semantics for wrong-scope and missing-capability cases.
- Tests or static proof covering cross-workspace/cross-environment denial.
- Confirmation that no `tenant_id` platform-core ownership path was added.
## Common Failure Modes
- Treating a visible tenant selector as authorization.
- Reusing provider-native tenant IDs as database ownership.
- Allowing relation managers to attach unrelated records.
- Storing queue context that bypasses handle-time revalidation.
- Letting global search leak inaccessible labels or URLs.
## Quarantined Rules
Full Spec 416 quarantine list applies. Especially quarantined here: `tenant_id` as platform-core ownership truth; fallback readers; dual writes; fallback-to-latest evidence; historical audits as current truth.
## Review / Expiry
Review whenever ownership schema, workspace routing, provider connection scope, or RBAC semantics change. No planned expiry.