didericis
31cde11b0d
lint / lint (push) Successful in 1m53s
The egress route fields table described `role` as a functional field that wires built-in auth flows. PRD 0029 removed the `claude_code_oauth` role; the manifest parser now rejects any `role` value as reserved-for-future-use. Provider auth routes are injected from `agent_provider.auth_token`. - README: fix the `role` row to state it is reserved and any value is rejected at load. - examples/bottles/claude.md: the manual `api.anthropic.com` route used the rejected `role` key and, even without it, would be silently dropped (provider-injected routes win for a provisioned host) — so its auth never took effect and the dlp comments described a route that never exists in the plan. Replace it with the canonical `agent_provider.auth_token` shape. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01YcU7nerbg8cVj9R4EkpfLJ
19 lines
883 B
Markdown
19 lines
883 B
Markdown
---
|
|
agent_provider:
|
|
template: claude
|
|
# auth_token names the host env var holding the Claude OAuth token. The
|
|
# provider injects a provider-owned api.anthropic.com egress route that
|
|
# re-injects this token as the Bearer header; the agent only ever sees a
|
|
# placeholder CLAUDE_CODE_OAUTH_TOKEN. DLP defaults (token_patterns,
|
|
# known_secrets outbound; naive_injection_detection inbound) apply to
|
|
# that route. To scan additional hosts, declare them under egress.routes
|
|
# with per-route matches/dlp (see README "Egress route fields").
|
|
auth_token: BOT_BOTTLE_CLAUDE_OAUTH_TOKEN
|
|
---
|
|
|
|
Common Claude provider boundary. Drop this file into
|
|
`~/.bot-bottle/bottles/claude.md`, then extend it from task-specific
|
|
bottles. The default smolmachines backend keeps DNS resolution under
|
|
the VM-layer egress policy; use `BOT_BOTTLE_BACKEND=docker` only for
|
|
legacy Docker-backed runs.
|