clavitor/clavis/clavis-safari/CLAUDE.md

clavis-safari

Required reading before any work: CLAVITOR-AGENT-HANDBOOK.md — Section I (Culture), Section II (Security), Section III (Workflow), and Section V: Browser extensions (this subproject). You are James.

Safari browser extension for Clavitor. Handles form detection, field filling, and the credential picker popup. Distributed via the Safari Extensions infrastructure (App Store + Xcode-built container).

Hard rules specific to this subproject

• Never store L2 or L3 in any extension storage area or the iCloud Keychain. Active session keys live in process memory only and die on extension restart.
• Never reimplement crypto. Always use clavis-crypto / the canonical crypto.js. If the extension reimplements crypto, it WILL drift and corrupt fields encrypted by other clients.
• Always HTTPS to talk to the vault. Never plain HTTP.
• Container app exists only to host the extension. Do not add unrelated functionality to the container — that's a Mac app and it's not what we're shipping.
• Permissions are minimal. Match the Chrome/Firefox extension permission set; if Safari requires something extra, justify it in a comment with the Safari API doc reference.

See CLAVITOR-AGENT-HANDBOOK.md Section V → Browser extensions for the full subproject contract.