From 52c6fada6731a21fa740f00bfaff2ce418da7a02 Mon Sep 17 00:00:00 2001 From: AEGIS Date: Sat, 11 Apr 2026 09:35:17 -0500 Subject: [PATCH] docs(ecosystem): scrub private service-binding + repo references MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Follow-up to docs#15 (outbound disclosure policy). Removes the last pre-existing leaks in ecosystem.md that were explicitly called out as out-of-scope in the original policy PR: - Service Map: tarotscript-worker / img-forge-gateway (wrangler binding identifiers) → "internal service binding" - Authentication: edge-auth (private repo name) → "Stackbilt Auth" (the public service capability). auth.stackbilt.dev is fine to reference as the public domain. Functional info (centralized auth, RPC binding latency, subdomain) is preserved. Private repo and binding names are not. Closes Stackbilt-dev/codebeast#32. Co-Authored-By: Claude Opus 4.6 (1M context) --- src/content/docs/ecosystem.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/content/docs/ecosystem.md b/src/content/docs/ecosystem.md index 68a115b..4f7e5bd 100644 --- a/src/content/docs/ecosystem.md +++ b/src/content/docs/ecosystem.md @@ -26,8 +26,8 @@ Charter is the open-source CLI. Stackbilder and img-forge are commercial service | Service | Domain | Purpose | |---------|--------|---------| | **Stackbilder Platform** | `stackbilder.com` | Product frontend, Astro server API routes, service binding gateway | -| **TarotScript** | `tarotscript-worker` (service binding) | Deterministic scaffold engine — intent classification, scaffold-cast spreads, grimoire persistence | -| **img-forge** | `img-forge-gateway` (service binding) | AI image generation API, async job queue, R2 image storage | +| **TarotScript** | internal service binding | Deterministic scaffold engine — intent classification, scaffold-cast spreads, grimoire persistence | +| **img-forge** | internal service binding | AI image generation API, async job queue, R2 image storage | | **Auth** | `auth.stackbilt.dev` | Centralized auth — OAuth (GitHub/Google), session management, API keys, quota, billing | | **AEGIS** | `aegis.stackbilt.dev` | Persistent AI agent framework — see [aegis-oss](https://github.com/Stackbilt-dev/aegis-oss) | | **Docs** | `docs.stackbilder.com` | Documentation (this site) | @@ -120,13 +120,13 @@ See [img-forge API](/img-forge) for the full REST and MCP reference. ## Authentication -All services use edge-auth (`auth.stackbilt.dev`) for centralized authentication: +All services use Stackbilt Auth (`auth.stackbilt.dev`) for centralized authentication: - **OAuth** — GitHub and Google sign-in via Better Auth - **Session cookies** — `better-auth.session_token`, validated via RPC service binding - **API keys** — `ea_*`, `sb_live_*`, `sb_test_*` prefixes for programmatic access -The platform frontend (`stackbilder.com`) validates sessions via an RPC binding to edge-auth — near-zero latency, no HTTP hop. +The platform frontend (`stackbilder.com`) validates sessions via an RPC binding to the Stackbilt Auth service — near-zero latency, no HTTP hop. ## Pricing