docs: document egress route fields #211

Merged

didericis merged 3 commits from docs/egress-manifest-shape into main

2026-06-23 17:55:57 -04:00

Author	SHA1	Message	Date
didericis	31cde11b0d	docs: correct stale role field and claude provider auth example lint / lint (push) Successful in 1m53s Details The egress route fields table described `role` as a functional field that wires built-in auth flows. PRD 0029 removed the `claude_code_oauth` role; the manifest parser now rejects any `role` value as reserved-for-future-use. Provider auth routes are injected from `agent_provider.auth_token`. - README: fix the `role` row to state it is reserved and any value is rejected at load. - examples/bottles/claude.md: the manual `api.anthropic.com` route used the rejected `role` key and, even without it, would be silently dropped (provider-injected routes win for a provisioned host) — so its auth never took effect and the dlp comments described a route that never exists in the plan. Replace it with the canonical `agent_provider.auth_token` shape. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01YcU7nerbg8cVj9R4EkpfLJ	2026-06-23 17:53:18 -04:00
didericis-claude	c41751f3b9	docs: add role and git.fetch to egress route fields table Both fields were missing from the reference table added in the preceding commit — `role` is visible in examples/bottles/claude.md and `git.fetch` is documented in PRD 0052 but neither appeared in the README table.	2026-06-23 17:48:19 -04:00
didericis	e2422c20a0	docs: document egress matches, dlp fields, and detector defaults	2026-06-23 17:48:19 -04:00

Author

SHA1

Message

Date

didericis

31cde11b0d

docs: correct stale role field and claude provider auth example

lint / lint (push) Successful in 1m53s

Details

The egress route fields table described `role` as a functional field
that wires built-in auth flows. PRD 0029 removed the
`claude_code_oauth` role; the manifest parser now rejects any `role`
value as reserved-for-future-use. Provider auth routes are injected
from `agent_provider.auth_token`.

- README: fix the `role` row to state it is reserved and any value is
  rejected at load.
- examples/bottles/claude.md: the manual `api.anthropic.com` route used
  the rejected `role` key and, even without it, would be silently
  dropped (provider-injected routes win for a provisioned host) — so its
  auth never took effect and the dlp comments described a route that
  never exists in the plan. Replace it with the canonical
  `agent_provider.auth_token` shape.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01YcU7nerbg8cVj9R4EkpfLJ

2026-06-23 17:53:18 -04:00

didericis-claude

c41751f3b9

docs: add role and git.fetch to egress route fields table

Both fields were missing from the reference table added in the preceding
commit — `role` is visible in examples/bottles/claude.md and `git.fetch`
is documented in PRD 0052 but neither appeared in the README table.

2026-06-23 17:48:19 -04:00

didericis

e2422c20a0

docs: document egress matches, dlp fields, and detector defaults

2026-06-23 17:48:19 -04:00

docs: document egress route fields #211

3 Commits