docs: accuracy pass - fix stale numbers, honest security layering #41
…op SOC2 claim
- CONTRIBUTING.md: fix test count (was '207 across 5 suites', actual is 8 suites)
- AGENTS.md: fix '24-check' audit claim, add missing bin/ files to repo layout
- README.md: replace SOC2 tagline with 'but paranoid', tone down kernel-level walls claim, add file permissions as explicit security layer, clarify tool-guard scope (blocks Edit/Write tools, not sed/python through bash), fix Adding Agents section
- SECURITY.md: fix misleading bind mount claim (commented out, not applied), add file permissions layer to self-modification table, honest tool-guard description, fix deploy command (no sudo needed), fix credential inventory (list all LLM keys)
Greptile Summary
Documentation accuracy audit that brings all docs into alignment with actual code implementation. Fixes outdated test counts, corrects security descriptions to honestly represent what each layer does and doesn't do, removes non-existent SOC2 compliance claim, and expands incomplete file listings.
Key philosophical improvement: the security stack and self-modification defense tables now clearly state tool-guard's actual boundaries - it blocks Edit/Write pi tools and known bash patterns, but can't prevent
All changes are corrections to existing documentation with no code modifications.
Confidence Score: 5/5
Last reviewed commit: 4b81c54
Audited all docs against actual code. Fixes:
Key philosophical change: the security stack table and self-modification defense table now honestly state what tool-guard does and doesn't do. It blocks Edit/Write pi tools and known bash patterns, but can't prevent sed/python writes through bash - that's what chmod a-w file permissions are for. Each layer's actual boundary is now clear.
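A check for the file-permissions layer the description above relies on, as an added example (not code from this PR or the project). The function name, the sample file names and the temporary tree are constructed for illustration; it audits mode bits on each protected file and on its parent directory.

```python
import os
import shutil
import stat
import tempfile

WRITE_BITS = stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH  # the bits `chmod a-w` clears


def audit_write_protection(paths):
    """Return (path, problem) pairs for files not covered by the a-w layer.
    Reads mode bits instead of calling os.access(), so the result does not
    change when the audit itself runs as root."""
    findings = []
    for path in paths:
        try:
            mode = os.stat(path).st_mode
        except FileNotFoundError:
            findings.append((path, "missing"))
            continue
        if mode & WRITE_BITS:
            findings.append((path, "file has a write bit (%04o)" % stat.S_IMODE(mode)))
        # Writers that create a new file and rename it over the old one
        # (GNU `sed -i` works this way) need write permission on the
        # directory, not on the file, so the parent is checked as well.
        parent = os.path.dirname(os.path.abspath(path))
        pmode = os.stat(parent).st_mode
        if pmode & WRITE_BITS:
            findings.append((path, "parent directory has a write bit (%04o)" % stat.S_IMODE(pmode)))
    return findings


def demo():
    """Constructed sample tree; the file names are hypothetical."""
    root = tempfile.mkdtemp()                    # created with mode 0700
    locked = os.path.join(root, "locked")
    os.mkdir(locked)
    guarded = os.path.join(locked, "guard.conf")  # a-w on file and directory
    half = os.path.join(root, "half.conf")        # a-w on the file only
    for p in (guarded, half):
        with open(p, "w") as fh:
            fh.write("setting=1\n")
        os.chmod(p, 0o444)
    os.chmod(locked, 0o555)
    try:
        found = audit_write_protection([guarded, half, os.path.join(root, "gone.conf")])
        return [(os.path.basename(p), why) for p, why in found]
    finally:
        os.chmod(locked, 0o755)  # restore so the sample tree can be deleted
        shutil.rmtree(root)
```

A file's owner can restore the write bit, so a clean result only means something when the agent process runs as a different user from the one that owns the protected files.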