FR-D1: Add least-privilege auth guidance to SECURITY-HARDENING.md
- Agent-scoped keys vs global API key comparison
- Auth hierarchy table (scoped key > global key > session > proxy)
- CLI examples for creating scoped keys
- Monitoring guidance for global key usage
FR-D2: Log security event when global admin API key is used
- Emits 'global_api_key_used' event to audit trail
- Hints toward agent-scoped keys for least-privilege
FR-D3: Add durable spawn history persistence
- New migration 043_spawn_history with indexed table
- spawn-history.ts with recordSpawnStart/Finish, getSpawnHistory, getSpawnStats functions
- Replaces log-scraping fallback with DB-backed tracking
FR-D4: Document rate-limit backend strategy
- Current in-memory Map approach documented
- Pluggable backend plan for multi-instance (Redis, SQLite WAL)
- Per-agent rate limiter details documented
Also fixes MCP test type annotation (content: string → any).
| Name |
|---|
| plans |
| releases |
| LANDING-PAGE-HANDOFF.md |
| SCREENSHOT-GUIDE.md |
| SECURITY-HARDENING.md |
| cli-agent-control.md |
| cli-integration.md |
| deployment.md |
| mission-control-agents.png |
| mission-control-memory-graph.png |
| mission-control-overview.png |
| mission-control.jpg |