bgdnvk · rafeegnash · Jun 4, 2026 · Jun 4, 2026
diff --git a/internal/cloudflare/conversation.go b/internal/cloudflare/conversation.go
@@ -9,6 +9,8 @@ import (
 	"strings"
 	"sync"
 	"time"
+
+	"github.com/bgdnvk/clanker/internal/secfile"
 )
 
 // ConversationEntry represents a single Q&A exchange
@@ -151,7 +153,7 @@ func (h *ConversationHistory) Save() error {
 		return err
 	}
 
-	if err := os.MkdirAll(dir, 0755); err != nil {
+	if err := secfile.EnsurePrivateDir(dir); err != nil {
 		return fmt.Errorf("failed to create conversation directory: %w", err)
 	}
 
@@ -161,7 +163,7 @@ func (h *ConversationHistory) Save() error {
 		return fmt.Errorf("failed to marshal conversation history: %w", err)
 	}
 
-	if err := os.WriteFile(filename, data, 0644); err != nil {
+	if err := secfile.WritePrivate(filename, data); err != nil {
 		return fmt.Errorf("failed to write conversation file: %w", err)
 	}
 
@@ -179,7 +181,7 @@ func (h *ConversationHistory) Load() error {
 	}
 
 	filename := filepath.Join(dir, fmt.Sprintf("cloudflare_%s.json", sanitizeFilename(h.AccountID)))
-	data, err := os.ReadFile(filename)
+	data, err := secfile.ReadPrivate(filename)
 	if err != nil {
 		if os.IsNotExist(err) {
 			// No history yet, that is fine

diff --git a/internal/flyio/conversation.go b/internal/flyio/conversation.go
@@ -8,6 +8,8 @@ import (
 	"strings"
 	"sync"
 	"time"
+
+	"github.com/bgdnvk/clanker/internal/secfile"
 )
 
 // ConversationEntry represents a single Q&A exchange.
@@ -99,7 +101,7 @@ func (h *ConversationHistory) Save() error {
 		return err
 	}
 
-	if err := os.MkdirAll(dir, 0755); err != nil {
+	if err := secfile.EnsurePrivateDir(dir); err != nil {
 		return fmt.Errorf("failed to create conversation directory: %w", err)
 	}
 
@@ -118,7 +120,7 @@ func (h *ConversationHistory) Save() error {
 	}
 
 	tmp := filename + ".tmp"
-	if err := os.WriteFile(tmp, data, 0644); err != nil {
+	if err := secfile.WritePrivate(tmp, data); err != nil {
 		return fmt.Errorf("failed to write temp conversation file: %w", err)
 	}
 	if err := os.Rename(tmp, filename); err != nil {
@@ -138,7 +140,7 @@ func (h *ConversationHistory) Load() error {
 	if err != nil {
 		return err
 	}
-	data, err := os.ReadFile(path)
+	data, err := secfile.ReadPrivate(path)
 	if err != nil {
 		if os.IsNotExist(err) {
 			return nil

diff --git a/internal/flyio/conversation_test.go b/internal/flyio/conversation_test.go
@@ -3,6 +3,7 @@ package flyio
 import (
 	"os"
 	"path/filepath"
+	"runtime"
 	"strings"
 	"testing"
 )
@@ -58,9 +59,25 @@ func TestSaveLoadRoundTrip(t *testing.T) {
 
 	// File should land at ~/.clanker/conversations/flyio_acme.json.
 	want := filepath.Join(dir, ".clanker", "conversations", "flyio_acme.json")
-	if _, err := os.Stat(want); err != nil {
+	info, err := os.Stat(want)
+	if err != nil {
 		t.Fatalf("expected file %s: %v", want, err)
 	}
+	if runtime.GOOS != "windows" {
+		// Saved files must not be world-readable — they contain raw
+		// operator Q&A (account IDs, ARNs, policy fragments). Drift
+		// guard for #22.
+		if mode := info.Mode().Perm(); mode != 0o600 {
+			t.Errorf("file mode = %04o, want 0600", mode)
+		}
+		convDir, err := os.Stat(filepath.Dir(want))
+		if err != nil {
+			t.Fatalf("stat conv dir: %v", err)
+		}
+		if mode := convDir.Mode().Perm(); mode != 0o700 {
+			t.Errorf("conversations dir mode = %04o, want 0700", mode)
+		}
+	}
 
 	loaded := NewConversationHistory("acme")
 	if err := loaded.Load(); err != nil {

diff --git a/internal/iam/conversation.go b/internal/iam/conversation.go
@@ -8,6 +8,8 @@ import (
 	"strings"
 	"sync"
 	"time"
+
+	"github.com/bgdnvk/clanker/internal/secfile"
 )
 
 // ConversationEntry represents a single Q&A exchange
@@ -146,7 +148,7 @@ func (h *ConversationHistory) Save() error {
 		return err
 	}
 
-	if err := os.MkdirAll(dir, 0755); err != nil {
+	if err := secfile.EnsurePrivateDir(dir); err != nil {
 		return fmt.Errorf("failed to create conversation directory: %w", err)
 	}
 
@@ -156,7 +158,7 @@ func (h *ConversationHistory) Save() error {
 		return fmt.Errorf("failed to marshal conversation history: %w", err)
 	}
 
-	if err := os.WriteFile(filename, data, 0644); err != nil {
+	if err := secfile.WritePrivate(filename, data); err != nil {
 		return fmt.Errorf("failed to write conversation file: %w", err)
 	}
 
@@ -174,7 +176,7 @@ func (h *ConversationHistory) Load() error {
 	}
 
 	filename := filepath.Join(dir, fmt.Sprintf("iam_%s.json", sanitizeFilename(h.AccountID)))
-	data, err := os.ReadFile(filename)
+	data, err := secfile.ReadPrivate(filename)
 	if err != nil {
 		if os.IsNotExist(err) {
 			// No history yet, that is fine

diff --git a/internal/k8s/conversation.go b/internal/k8s/conversation.go
@@ -10,6 +10,8 @@ import (
 	"strings"
 	"sync"
 	"time"
+
+	"github.com/bgdnvk/clanker/internal/secfile"
 )
 
 // ConversationEntry represents a single Q&A exchange
@@ -177,7 +179,7 @@ func (h *ConversationHistory) Save() error {
 		return err
 	}
 
-	if err := os.MkdirAll(dir, 0755); err != nil {
+	if err := secfile.EnsurePrivateDir(dir); err != nil {
 		return fmt.Errorf("failed to create conversation directory: %w", err)
 	}
 
@@ -187,7 +189,7 @@ func (h *ConversationHistory) Save() error {
 		return fmt.Errorf("failed to marshal conversation history: %w", err)
 	}
 
-	if err := os.WriteFile(filename, data, 0644); err != nil {
+	if err := secfile.WritePrivate(filename, data); err != nil {
 		return fmt.Errorf("failed to write conversation file: %w", err)
 	}
 
@@ -205,7 +207,7 @@ func (h *ConversationHistory) Load() error {
 	}
 
 	filename := filepath.Join(dir, fmt.Sprintf("k8s_%s.json", sanitizeFilename(h.ClusterName)))
-	data, err := os.ReadFile(filename)
+	data, err := secfile.ReadPrivate(filename)
 	if err != nil {
 		if os.IsNotExist(err) {
 			// No history yet, that is fine

diff --git a/internal/linear/conversation.go b/internal/linear/conversation.go
@@ -8,6 +8,8 @@ import (
 	"strings"
 	"sync"
 	"time"
+
+	"github.com/bgdnvk/clanker/internal/secfile"
 )
 
 // ConversationEntry is a single Q&A turn against the Linear ask agent.
@@ -129,7 +131,7 @@ func historyPath(workspaceID string) (string, error) {
 		return "", err
 	}
 	dir := filepath.Join(home, ".clanker")
-	if err := os.MkdirAll(dir, 0o755); err != nil {
+	if err := secfile.EnsurePrivateDir(dir); err != nil {
 		return "", err
 	}
 	return filepath.Join(dir, fmt.Sprintf("linear-%s.json", safeSlug(workspaceID))), nil
@@ -140,7 +142,7 @@ func (h *ConversationHistory) Load() error {
 	if err != nil {
 		return err
 	}
-	data, err := os.ReadFile(path)
+	data, err := secfile.ReadPrivate(path)
 	if err != nil {
 		if os.IsNotExist(err) {
 			return nil
@@ -163,5 +165,5 @@ func (h *ConversationHistory) Save() error {
 	if err != nil {
 		return err
 	}
-	return os.WriteFile(path, data, 0o600)
+	return secfile.WritePrivate(path, data)
 }
diff --git a/internal/notion/conversation.go b/internal/notion/conversation.go
@@ -8,6 +8,8 @@ import (
 	"strings"
 	"sync"
 	"time"
+
+	"github.com/bgdnvk/clanker/internal/secfile"
 )
 
 const (
@@ -128,7 +130,7 @@ func historyPath(workspaceName string) (string, error) {
 		return "", err
 	}
 	dir := filepath.Join(home, ".clanker")
-	if err := os.MkdirAll(dir, 0o755); err != nil {
+	if err := secfile.EnsurePrivateDir(dir); err != nil {
 		return "", err
 	}
 	return filepath.Join(dir, fmt.Sprintf("notion-%s.json", safeSlug(workspaceName))), nil
@@ -139,7 +141,7 @@ func (h *ConversationHistory) Load() error {
 	if err != nil {
 		return err
 	}
-	data, err := os.ReadFile(path)
+	data, err := secfile.ReadPrivate(path)
 	if err != nil {
 		if os.IsNotExist(err) {
 			return nil
@@ -162,5 +164,5 @@ func (h *ConversationHistory) Save() error {
 	if err != nil {
 		return err
 	}
-	return os.WriteFile(path, data, 0o600)
+	return secfile.WritePrivate(path, data)
 }
diff --git a/internal/railway/conversation.go b/internal/railway/conversation.go
@@ -8,6 +8,8 @@ import (
 	"strings"
 	"sync"
 	"time"
+
+	"github.com/bgdnvk/clanker/internal/secfile"
 )
 
 // ConversationEntry represents a single Q&A exchange.
@@ -112,15 +114,15 @@ func (h *ConversationHistory) Save() error {
 	if err != nil {
 		return err
 	}
-	if err := os.MkdirAll(dir, 0755); err != nil {
+	if err := secfile.EnsurePrivateDir(dir); err != nil {
 		return fmt.Errorf("failed to create conversation directory: %w", err)
 	}
 
 	filename := filepath.Join(dir, fmt.Sprintf("railway_%s.json", sanitizeID(workspaceID)))
 
 	// Atomic write: temp + rename.
 	tmp := filename + ".tmp"
-	if err := os.WriteFile(tmp, data, 0644); err != nil {
+	if err := secfile.WritePrivate(tmp, data); err != nil {
 		return fmt.Errorf("failed to write temp conversation file: %w", err)
 	}
 	if err := os.Rename(tmp, filename); err != nil {
@@ -140,7 +142,7 @@ func (h *ConversationHistory) Load() error {
 	if err != nil {
 		return err
 	}
-	data, err := os.ReadFile(path)
+	data, err := secfile.ReadPrivate(path)
 	if err != nil {
 		if os.IsNotExist(err) {
 			return nil

diff --git a/internal/secfile/drift_test.go b/internal/secfile/drift_test.go
@@ -0,0 +1,93 @@
+package secfile_test
+
+import (
+	"go/ast"
+	"go/parser"
+	"go/token"
+	"io/fs"
+	"path/filepath"
+	"strings"
+	"testing"
+)
+
+// TestConversationFilesDoNotWriteWorldReadable walks every
+// internal/<provider>/conversation.go file and fails the build if any
+// of them call os.WriteFile / os.MkdirAll with a loose Unix mode
+// literal, or call os.ReadFile (which bypasses the chmod-on-load
+// repair). The intent is to lock in #22 so a tenth provider can't
+// reintroduce the leak by copy-pasting the historic pattern.
+func TestConversationFilesDoNotWriteWorldReadable(t *testing.T) {
+	root, err := repoRoot()
+	if err != nil {
+		t.Fatalf("locate repo root: %v", err)
+	}
+
+	var files []string
+	if err := filepath.WalkDir(filepath.Join(root, "internal"), func(path string, d fs.DirEntry, err error) error {
+		if err != nil {
+			return err
+		}
+		if d.IsDir() {
+			return nil
+		}
+		if filepath.Base(path) == "conversation.go" {
+			files = append(files, path)
+		}
+		return nil
+	}); err != nil {
+		t.Fatalf("walk: %v", err)
+	}
+
+	if len(files) < 9 {
+		t.Fatalf("expected >= 9 conversation.go files (one per provider); found %d. Did the layout change?", len(files))
+	}
+
+	fset := token.NewFileSet()
+	for _, path := range files {
+		t.Run(relpath(root, path), func(t *testing.T) {
+			file, err := parser.ParseFile(fset, path, nil, parser.ParseComments)
+			if err != nil {
+				t.Fatalf("parse %s: %v", path, err)
+			}
+
+			ast.Inspect(file, func(n ast.Node) bool {
+				call, ok := n.(*ast.CallExpr)
+				if !ok {
+					return true
+				}
+				sel, ok := call.Fun.(*ast.SelectorExpr)
+				if !ok {
+					return true
+				}
+				pkg, ok := sel.X.(*ast.Ident)
+				if !ok || pkg.Name != "os" {
+					return true
+				}
+				switch sel.Sel.Name {
+				case "WriteFile", "ReadFile":
+					t.Errorf("%s uses os.%s directly — must go through secfile.WritePrivate/ReadPrivate (drift guard for #22)", fset.Position(call.Pos()), sel.Sel.Name)
+				case "MkdirAll":
+					t.Errorf("%s uses os.MkdirAll directly — must go through secfile.EnsurePrivateDir (drift guard for #22)", fset.Position(call.Pos()))
+				}
+				return true
+			})
+		})
+	}
+}
+
+func repoRoot() (string, error) {
+	// internal/secfile/drift_test.go → ../..
+	abs, err := filepath.Abs(".")
+	if err != nil {
+		return "", err
+	}
+	return filepath.Clean(filepath.Join(abs, "..", "..")), nil
+}
+
+func relpath(root, p string) string {
+	rel, err := filepath.Rel(root, p)
+	if err != nil {
+		return p
+	}
+	return strings.ReplaceAll(rel, string(filepath.Separator), "/")
+}