TL;DR
SkyRun GC is a single-operator ambient automation system running on Joseph's Mac. It handles L3-Sensitive PII (~865 prospects) and L4-Restricted secrets (CF API tokens). As of the 2026-05-02 PM enterprise sweep, the posture is at "small-team SaaS" baseline:
- ✅ Secrets in macOS Keychain (not plaintext)
- ✅ File permissions hardened (600/700, drift-detecting watchdog)
- ✅ Atomic writes for critical state
- ✅ Schema validation + repair tooling
- ✅ 57-gate continuous verification (gate-proof-runner daily)
- ✅ Hourly system_hygiene watchdog
- ✅ Quarterly backup (3-source: user + runtime + memory + secrets manifest)
- ✅ Incident runbook + disaster recovery procedures documented + tested
- ⚠️ FileVault disk encryption: OFF (P0 operator action — only requires reboot + recovery key)
- ⚠️ Some browser-session auth still in use (HS, Track, BV) instead of scoped API tokens
- ⚠️ No SOC2/ISO27001 certification (single-operator system, not customer-facing infra; certification is overkill)
This document is the catalog. Each control has its own dedicated doc — this just maps them.
Threat model
What we're protecting
- Prospect PII (~865 leads with name, email, phone, address, AV, purchase price)
- Active customer roster (~141 emails, 97 phones, 263 name tokens — Rachel's DNC list)
- Operator (Joseph's) credentials (CF, HS, Workspace, SmartLead, BV, Anthropic)
- Operator's pipeline state (deal stages, voice calibration, transcript history)
- Operator's revenue + commission data (HS annualrevenue field)
Against whom
| Threat actor | Likelihood | Impact | Primary control |
|---|---|---|---|
| Opportunistic theft (Mac stolen) | LOW-MED | HIGH | FileVault (currently OFF), iCloud Find My + remote wipe |
| Phishing → credential compromise | MED | HIGH | 2FA on all accounts, Keychain, no plaintext secrets |
| SaaS vendor breach (HS, CF, Gmail) | LOW per-vendor | MED-HIGH | Vendor security register, rotation cadence, DPA tracking |
| Misdirected outbound (wrong recipient) | MED | MED | DNC system, prior-decision check gate, current-customer gate |
| Schema corruption (silent data loss) | LOW | HIGH | Atomic writes, schema_guards validation, gate-proof-runner |
| Skill regression (false-positive HS update) | MED | MED | HS-live-query gate, verified-sent gate, gate-proof-runner |
| Insider threat (Joseph compromised) | N/A | N/A | Not in scope (single-operator system) |
Control catalog
Identity + access
- Single human operator: Joseph Bowens. No multi-user provisioning needed.
- Account-level 2FA: Joseph's responsibility on each vendor — verified state not auto-monitored. Action: confirm 2FA ON for HubSpot, Cloudflare, Google Workspace, Anthropic, SmartLead, BeenVerified.
- Cloudflare Access (CF Access): the operator-facing PWA at brief.josephbowens.com is locked behind CF Access policy: only Joseph.Bowens@SkyRun.com can authenticate.
- macOS user: single user josephbowens; all SkyRun files owned by this user. No group-readable PII.
Secrets management
- Primary: macOS Keychain via security CLI. Wrapper at ~/Library/Application Support/SkyRun/secrets.py.
- Service: SkyRun. Accounts: cloudflare_api_token, ntfy_topic. Future: hubspot_api_token, fleet_*.
- .env shim: ~/Library/Application Support/SkyRun/.env is a backwards-compat shim that pulls from Keychain at source-time. Subshells (deploy_pwa.sh, etc.) get correct values. No plaintext secrets on disk.
- Rotation: target 90 days. system_hygiene flags cf_token_age_reminder when .env is older than 90 days.
Data at rest
- File mode discipline: L3-PII files chmod 600; L3-PII dirs chmod 700. Drift detected + auto-restored hourly by system_hygiene.
- Disk encryption: ⚠️ FileVault is OFF. Top operator action. Until enabled, anyone with physical Mac access can read all PII.
- iCloud Drive sync: SkyRun folder mirrors to operator's Workspace Drive. Drive at-rest encryption applies (Google standard). Recommend Advanced Data Protection if available.
- Time Machine: active per tmutil status. Local backup target.
- Quarterly zip: quarterly_backup.sh creates rotating 4-quarter local + iCloud-mirrored zips. Includes 3 sources: user-tree + runtime + memory + secrets-manifest. Secret VALUES stay in Keychain (encrypted; survive zip without leaking).
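The file-mode discipline above (600 for files, 700 for directories, drift detected and restored) can be sketched as follows. This is an added example, not the project's system_hygiene code; the function names and the constructed demo tree (prospects/leads.json) are assumptions.

```python
import os
import stat
import tempfile

FILE_MODE = 0o600  # baseline for L3-PII files, per the catalog
DIR_MODE = 0o700   # baseline for L3-PII directories, per the catalog


def find_drift(root):
    """Return [(path, actual_mode, expected_mode)] for entries off the baseline."""
    drift = []
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        entries = [(dirpath, DIR_MODE)]
        entries += [(os.path.join(dirpath, f), FILE_MODE) for f in filenames]
        for path, expected in entries:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # os.chmod follows symlinks, so never touch one
            actual = stat.S_IMODE(st.st_mode)
            if actual != expected:
                drift.append((path, actual, expected))
    return drift


def restore(drift):
    """Re-apply the baseline mode to each drifted path; return the number fixed."""
    for path, _actual, expected in drift:
        os.chmod(path, expected)
    return len(drift)


def demo():
    """Constructed tree with one loosened directory and one loosened file."""
    with tempfile.TemporaryDirectory() as root:  # mkdtemp creates it 0700
        sub = os.path.join(root, "prospects")
        os.mkdir(sub)
        os.chmod(sub, 0o755)      # drift: group/other can list the directory
        leads = os.path.join(sub, "leads.json")
        with open(leads, "w") as fh:
            fh.write("{}")
        os.chmod(leads, 0o644)    # drift: PII file readable by group/other
        before = find_drift(root)
        fixed = restore(before)
        return [(a, e) for _p, a, e in before], fixed, find_drift(root)


if __name__ == "__main__":
    print(demo())
```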
Data in transit
- HTTPS everywhere: all vendor APIs (CF, HS, BV, SmartLead, Anthropic, ntfy) use TLS 1.2+ by default.
- Chrome MCP CSRF: uses Chrome's authenticated session for HubSpot. Cookies don't leave the Mac.
- Gmail MCP: OAuth 2.0; refresh tokens managed by harness.
- No raw TCP/UDP outbound other than HTTPS + standard system services.
Application integrity
- Atomic writes: schema_guards.atomic_write_json() + atomic_write_text(). Used for KG, memory updates, state files.
- Schema validation: schema_guards.py validators for heartbeat, pending_drafts, pending_hs_updates, KG. Validators + repair tooling.
- Gate-proof-runner: 57 daily gates verifying foundational integrity (HS-live-query gate, prior-decision-check, freshness gate, heartbeat schema, DNC, validator R1-R18, commitment freshness, lock cleanup, bounce-handler RFC-5321, KG drift, foundation health, secrets vault present, perms, FileVault status, backup script coverage).
- Stay-green discipline: heartbeat status MUST be ok/partial/skipped/error. Don't yellow-flag noise. Codified in feedback_stay_green_discipline.md.
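One way an atomic JSON write for a mode-600 state file can work, as an added example rather than the project's schema_guards implementation. The function name atomic_write_json_0600 and the constructed file pending_drafts.json are assumptions; because the temp file is created 0600 and renamed over the target, a rewrite also resets a drifted mode.

```python
import json
import os
import tempfile


def atomic_write_json_0600(path, obj):
    """Replace path with obj as JSON; readers see the old or new file, never a partial one."""
    directory = os.path.dirname(os.path.abspath(path))
    payload = json.dumps(obj, indent=2, sort_keys=True)  # fails before touching disk
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".tmp-")  # created with mode 0600
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            fh.write(payload)
            fh.flush()
            os.fsync(fh.fileno())   # contents durable before the rename
        os.replace(tmp, path)       # atomic rename within one filesystem
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)          # no stray temp file holding PII
        raise
    dir_fd = os.open(directory, os.O_RDONLY)
    try:
        os.fsync(dir_fd)            # persist the directory entry as well
    finally:
        os.close(dir_fd)


def demo():
    """Constructed state file: failed write, then a good write over a drifted file."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "pending_drafts.json")  # constructed file name
        atomic_write_json_0600(path, {"drafts": []})
        os.chmod(path, 0o644)                          # simulate permission drift
        try:
            atomic_write_json_0600(path, {"drafts": [object()]})  # not serialisable
        except TypeError:
            pass
        with open(path, encoding="utf-8") as fh:
            survived = json.load(fh)                   # old content still intact
        atomic_write_json_0600(path, {"drafts": ["d1"]})
        with open(path, encoding="utf-8") as fh:
            final = json.load(fh)
        mode = os.stat(path).st_mode & 0o777
        leftovers = [n for n in os.listdir(d) if n.startswith(".tmp-")]
        return survived, final, mode, leftovers


if __name__ == "__main__":
    print(demo())
```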
Monitoring + alerting
- Heartbeat schema: every skill writes a canonical heartbeat per reference_heartbeat_schema.md. 5 fields required, never null.
- Hourly system-hygiene: zombie kill, log trim, MCP drift, lock cleanup, perm drift restoration, secret presence check, token age reminder, FileVault check, memory integrity check.
- Daily gate-proof: 57-check end-to-end verification. Heartbeat written. RED on any failure.
- Daily nightly-consolidation: Section F computes health summary; F2 surfaces stale queues; F3 surfaces operator-pending; F4 acks known dups.
- Push (ntfy): RED conditions push immediately at urgent priority.
- Approval queue (PWA): every operator-action item surfaces in iPhone PWA with deep links.
- Audit trail: every skill writes to ~/Desktop/SkyRun/audit/<date>/<skill>_<short>.json per fire.
Logical integrity gates (preventing the most expensive bugs)
| Gate | Codified in | Prevents |
|---|---|---|
| Gate 1: HS deal stage = LIVE API | feedback_hs_stage_source_of_truth.md | False "Contract Sent" notifications (Hadank case) |
| Gate 2: Prior-decision check before drafting | feedback_check_prior_decisions_before_drafting.md | Drafting to vetoed prospects (Tim Beegle case) |
| Gate 3: Freshness before surfacing as overdue | feedback_freshness_before_surface.md | False stalled-deal flags (Devine + Jamie case) |
| Gate 4: Heartbeat schema compliance | reference_heartbeat_schema.md | Invisible-to-watchdog tasks (5/10 had nulls until 4/30 audit) |
| Gate 5: Heartbeat-as-truth | nightly-consolidation Section F | False "tasks ran today" claims |
| Gate 6: Verified-sent | feedback_email_status_verification.md | False "Joseph sent X" claims (Weber case) |
| Stay-green discipline | feedback_stay_green_discipline.md | YELLOW dilution from non-actionable noise |
Disaster recovery
See reference_disaster_recovery.md. RTO 24h; RPO ≤90d worst case (typical few days via Drive).
Incident response
See reference_incident_runbook.md. 8 documented scenarios with step-by-step procedures.
Vendor risk
See reference_vendor_security_posture.md. Tier-1/2/3 register with rotation cadences, DPA status, sub-processors.
Maturity assessment vs. enterprise frameworks
NIST CSF (Cybersecurity Framework) — informal alignment
| Function | Maturity | Notes |
|---|---|---|
| Identify (asset inventory, risk assessment) | 🟡 Medium | Asset inventory good (data_classification + vendor_register); formal risk reg pending |
| Protect (access control, data security, training) | 🟡 Medium | Good for single-operator; FileVault OFF is the gap |
| Detect (continuous monitoring) | 🟢 Strong | gate-proof + system-hygiene + heartbeats |
| Respond (incident response) | 🟢 Strong | Runbook documented, 8 scenarios |
| Recover (recovery planning, improvements) | 🟢 Strong | DR procedure documented, RTO/RPO defined |
SOC 2 Trust Services Criteria — informal alignment
- Security: ✅ Reasonable controls in place (Keychain, perms, monitoring, IR). Gap: FileVault OFF, no formal vendor due-diligence beyond DPA tracking.
- Availability: ✅ Backup + DR documented; RTO 24h.
- Processing Integrity: ✅ Schema validation, atomic writes, gate-proof.
- Confidentiality: 🟡 Good for single-operator; would need encryption-at-rest (FileVault) + formal data-handling policies for SOC 2 Type II.
- Privacy: 🟡 Right-to-be-forgotten procedure documented (data_classification.md DSAR section). No formal privacy notice published yet.
Conclusion
SkyRun GC is at small-team-SaaS-baseline-plus-disciplined-controls. It is NOT certified — certification (SOC 2 Type II, ISO 27001) would require external audits, formal management commitments, and overhead disproportionate to a single-operator system handling its own operator's customer prospects.
For a system at this scope, the posture is appropriate. The remaining gaps (FileVault OFF, browser-session auth for some vendors) are tracked operator actions, not architectural debt.
Operator actions outstanding
P0 — do this week
1. Enable FileVault. System Settings → Privacy & Security → FileVault → Turn On. Reboots required. Save recovery key to a safe place. Once on, all data on disk is encrypted with operator's login password.
P1 — do this month
2. Verify 2FA enabled on all accounts: HubSpot, Cloudflare, Google Workspace, Anthropic, SmartLead, BeenVerified. (Joseph's responsibility; check each vendor's security settings.)
3. Enable iCloud Advanced Data Protection for E2E iCloud encryption.
4. Enable iCloud Keychain if not already (so Keychain secrets sync to a recovery device).
5. Touch the iCloud backup flag: touch ~/Library/Application\ Support/SkyRun/.icloud_backup_enabled so quarterly backups mirror to iCloud.
6. Tabletop the DR procedure on a secondary Mac (or Time Machine restore test).
P2 — do this quarter
7. Migrate HS auth from cookie-CSRF to a Private App API token (currently chrome_bridge'd; cleaner with proper API token).
8. Run the first manual rotation of the CF token — proves the procedure works end-to-end.
9. Annual vendor register review — already scheduled.
Cross-references
- reference_data_classification.md — PII inventory by classification level
- reference_vendor_security_posture.md — per-vendor risk register
- reference_incident_runbook.md — 8 IR scenarios
- reference_disaster_recovery.md — Mac-loss recovery
- reference_heartbeat_schema.md — canonical task heartbeat format
- feedback_stay_green_discipline.md — health classification discipline
- feedback_hs_stage_source_of_truth.md — Gate 1 (HS-live-query)
- feedback_check_prior_decisions_before_drafting.md — Gate 2 (prior-decision)
- feedback_freshness_before_surface.md — Gate 3 (freshness)
- feedback_email_status_verification.md — Gate 6 (verified-sent)
- reference_quarterly_backup.md — backup mechanics
- reference_dnc_system.md — DNC enforcement
- ~/Library/Application Support/SkyRun/gate_proof_runner.sh — 57-check verifier
- ~/Library/Application Support/SkyRun/system_hygiene.sh — hourly watchdog
- ~/Library/Application Support/SkyRun/secrets.py — Keychain wrapper
- ~/Library/Application Support/SkyRun/schema_guards.py — schema + atomic writes