docs: replace stale .sh paths with claude_bottle/*.py equivalents
test / run tests/run_tests.py (push) Successful in 13s
test / run tests/run_tests.py (push) Successful in 13s
Cleans up references to the pre-refactor bash layout (cli.sh, lib/*.sh, scripts/*.sh) across README, Dockerfile, the pipelock PRD, and research notes. Refreshes line numbers in the oauth-token note against the current cli/start.py. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
@@ -273,7 +273,7 @@ reach, and avoids the `--best-effort` issue on macOS Docker Desktop.
|
||||
The claude-bottle manifest model would need one new piece of plumbing: a
|
||||
per-agent pipelock ACL YAML generated from the manifest's `allowlist`
|
||||
and `ssh` entries, analogous to what the smokescreen section of
|
||||
`network-egress-guard.md` already sketches. The `cli.sh` changes required
|
||||
`network-egress-guard.md` already sketches. The `cli.py` changes required
|
||||
are the same pattern: `docker network create --internal`, `docker run` for
|
||||
the proxy container, then `docker run` for the agent with `HTTPS_PROXY`
|
||||
injected.
|
||||
@@ -408,7 +408,7 @@ The reasoning:
|
||||
subdomain-entropy DNS exfil detection, MCP scanning, and request
|
||||
redaction. The integration shape for claude-bottle is identical: a
|
||||
separate container on an internal Docker network, with the agent's
|
||||
`HTTPS_PROXY` pointing at it. The `cli.sh` changes are the same pattern.
|
||||
`HTTPS_PROXY` pointing at it. The `cli.py` changes are the same pattern.
|
||||
|
||||
2. **The DLP layer is the most direct answer to the content-tripwire gap.**
|
||||
The `secret-exfil-tripwire-encodings.md` note concluded that no
|
||||
|
||||
Reference in New Issue
Block a user