- Added .cursorrules for project guidelines and context
- Created README.md for project overview and goals
- Established ARCHITECTURE.md for architectural documentation
- Set up tickets directory with initial ticket management files
- Included .gitignore to manage ignored files and directories

This commit lays the foundation for the Atlas project, ensuring a clear structure for development and collaboration.
1.4 KiB
Ticket: Boundary Enforcement
Ticket Information
- ID: TICKET-044
- Title: Boundary Enforcement
- Type: Feature
- Priority: High
- Status: Backlog
- Track: Safety/Memory
- Milestone: Milestone 3 - Memory, Reminders, Safety
- Created: 2024-01-XX
Description
Implement boundary enforcement:
- Separate credentials and config (different .env files, service accounts, key stores)
- Network-level separation (dedicated containers/namespaces, firewall rules)
- Prevent family agent from reaching work repos
- Static policy checks (lint/CI rules rejecting cross-access merges)
Acceptance Criteria
- Separate credentials/config for family vs work
- Network separation implemented
- Firewall rules preventing cross-access
- Static policy checks (lint/CI)
- Family agent cannot access work repos
- Policy violations caught automatically
Technical Details
Separation strategies:
- Config: separate .env files, key stores
- Network: containers, namespaces, VLANs
- Firewall: block family agent from work repo paths
- CI: lint rules checking for cross-access code
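One way the CI lint rule from the strategies above could work, as an added example that is not part of the ticket or the Atlas code base. The directory names `family_agent/` and `work_agent/`, the `.env.work` file name, and the `work-repos/` path are hypothetical stand-ins for whatever layout TICKET-002 defines.

```python
import ast

# Hypothetical layout (assumption, not from the ticket): family agent code
# lives under family_agent/, work code and config under work_agent/.
FAMILY_PREFIX = "family_agent/"
FORBIDDEN_IMPORT_ROOTS = {"work_agent"}
FORBIDDEN_LITERALS = (".env.work", "work_agent/", "work-repos/")

def check_source(path, source):
    """Return (path, line, message) violations for one family-agent file."""
    violations = []
    for node in ast.walk(ast.parse(source, filename=path)):
        if isinstance(node, ast.Import):
            names = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            names = [node.module or ""]
        else:
            names = []
        for name in names:
            if name.split(".")[0] in FORBIDDEN_IMPORT_ROOTS:
                violations.append((path, node.lineno, f"imports work module {name}"))
        # String literals catch hard-coded work paths and work env files.
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            for marker in FORBIDDEN_LITERALS:
                if marker in node.value:
                    violations.append(
                        (path, node.lineno, f"references work resource {marker!r}"))
    return violations

def check_tree(files):
    """files maps repo-relative path -> source text; only family code is checked."""
    found = []
    for path, source in files.items():
        if path.startswith(FAMILY_PREFIX) and path.endswith(".py"):
            found.extend(check_source(path, source))
    return sorted(found)

# Constructed sample tree for illustration.
SAMPLE = {
    "family_agent/tools/notes.py": "import os\nDATA = os.path.join('family_data', 'notes')\n",
    "family_agent/tools/bad.py": "from work_agent.git import clone\nENV = '.env.work'\n",
    "work_agent/git.py": "ENV = '.env.work'\n",
}

if __name__ == "__main__":
    results = check_tree(SAMPLE)
    for path, line, msg in results:
        print(f"{path}:{line}: {msg}")
    raise SystemExit(1 if results else 0)  # non-zero exit fails the CI job
```

A check like this only covers what is visible in source; dynamically built paths and imports bypass it, which is why the ticket pairs it with credential and network separation.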
Dependencies
- TICKET-002 (repo structure)
- TICKET-003 (safety constraints)
- TICKET-004 (architecture)
Related Files
- home-voice-agent/safety/boundaries/ (to be created)
- .github/workflows/policy-check.yml (to be created)
Notes
Can proceed in parallel with most tool work. Critical for safety.