Revise ADR-004 to a service-role standard: every service is its own self-contained role with a required file set including SECURITY.md, uniform deploy mechanics, and a deferred shared-engine option (with revisit trigger) recorded in the ADR. Add the per-service security record: - docs/security/service-security-template.md — canonical SECURITY.md template (exposure, checklist status, service-specific hardening, residual risks) - roles/<service>/SECURITY.md is where each service records how it meets the bar; /security-review aggregates roles/*/SECURITY.md and cross-checks against config - service-checklist.md noted as the generic bar the record answers Wire-up: new-role runbook step writes SECURITY.md from the template; ADR-002 governance bullet points at it; CLAUDE.md role conventions require it and mandate one-role-per-service; STATUS records the convention as defined-not-yet-applied. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| decisions | ||
| hardware | ||
| reviews | ||
| runbooks | ||
| security | ||
| superpowers | ||
| FRICTION.md | ||
| README.md | ||
| TODO.md | ||
docs/
Project documentation.
decisions/— Architecture Decision Records (ADRs): the "why" behind the design. Numbered from 001; each records context, the decision, and what was ruled out.runbooks/— step-by-step operational procedures (add a host, add a role, rotate secrets).
For what is actually built vs only designed, see STATUS.md at the repo root —
the ADRs describe intent, not necessarily current reality.