bot-bottle/docs/research at 96d2c7b7a13d3d4bf41789226a1ccc1e8244e6bd - bot-bottle - Gitea: Git with a cup of tea

didericis/bot-bottle

Files

T

History

didericis 96d2c7b7a1

test / unit (push) Successful in 12s

Details

test / integration (push) Successful in 15s

Details

docs(research): add note on git secret-scanning as defense-in-depth

Threat-models the case where a credential ends up in a tracked
file and is git-pushed to a public remote — the secret is
compromised the instant the push lands (events API, scrapers),
not at merge time. Recommends gitleaks as the smallest-blast-
radius layer to add: Go binary, MIT, offline, scans full history,
hookable from the existing .githooks/.

No code or workflow change; just the research note.

2026-05-12 16:24:06 -04:00

..

.gitkeep

Initial commit

2026-05-07 22:45:36 -04:00

agent-sandbox-landscape.md

docs(research): survey AI-agent sandbox tools

2026-05-11 15:56:23 -04:00

agent-vm-isolation.md

docs(research): document macOS agent VM isolation approach

2026-05-11 16:31:40 -04:00

apple-container-backend.md

docs: add research note on Apple container as an alternative backend

2026-05-10 02:36:11 -04:00

bash-vs-python-vs-go.md

docs: add research note comparing bash, Python, and Go for the CLI

2026-05-10 02:34:40 -04:00

claude-code-token-revocation.md

docs: add research note on revoking Claude Code OAuth tokens

2026-05-07 23:13:42 -04:00

git-secret-scanning-hardening.md

docs(research): add note on git secret-scanning as defense-in-depth

2026-05-12 16:24:06 -04:00

host-dispatch-to-container-agents.md

docs: replace stale .sh paths with claude_bottle/*.py equivalents

2026-05-10 00:27:25 -04:00

landscape-containerized-claude.md

Initial commit

2026-05-07 22:45:36 -04:00

local-vs-remote-agent-execution.md

Initial commit

2026-05-07 22:45:36 -04:00

network-egress-guard.md

docs: replace stale .sh paths with claude_bottle/*.py equivalents

2026-05-10 00:27:25 -04:00

oauth-token-exposure-to-claude.md

docs: replace stale .sh paths with claude_bottle/*.py equivalents

2026-05-10 00:27:25 -04:00

pipelock-assessment.md

docs(prd): add 0006, enable pipelock's native TLS interception

2026-05-12 14:15:44 -04:00

polish-priorities.md

docs: add research note on polish priorities to close the maturity gap

2026-05-10 20:38:44 -04:00

remote-docker-vm-isolation.md

docs: add Fly Machines case study to remote-docker-vm-isolation note

2026-05-10 01:18:08 -04:00

secret-exfil-tripwire-encodings.md

docs: add research note on multi-encoding secret exfil tripwires

2026-05-08 00:00:51 -04:00

smolmachines-as-vm-backend.md

docs(research): evaluate smolmachines as VM backend

2026-05-11 16:32:04 -04:00

stronger-isolation-alternatives.md

docs: add research note on stronger isolation alternatives

2026-05-10 00:38:46 -04:00

tea-token-isolation-via-proxy.md

docs: add research note on isolating tea token via proxy

2026-05-07 23:30:06 -04:00