docs: sharpen LIMITATIONS boundaries (tool path + key custody)#161

Closed
sergeyenin wants to merge 1 commit into main from docs/limitations-enhance-from-155

@sergeyenin sergeyenin commented Jun 3, 2026

Summary

Enhances the existing LIMITATIONS.md with two honest scope points contributed in the community PR #155 by @ded-furby, adapted into the current structure:

  • Tool-governance boundary — adds: "It does not prevent the same tool from being invoked on a path that does not pass through Talon." This closes a real gap a skeptical reviewer would ask about.
  • Evidence boundary — folds the signing-key-custody assumption directly into the integrity claim: "...signed with the deployment's configured key and — assuming that key remains protected — has not been modified since signing."

Context

LIMITATIONS.md already landed on main (closing #117) with a capability status table, source-code links, EU-routing/PII honesty, and docs-surface cross-links. PR #155 proposed a parallel, standalone version that now conflicts with main and no longer closes #117. Rather than lose its best ideas, this PR captures the two unique, high-value lines from #155 and credits the author via Co-authored-by.

Test plan

  • Claim-discipline guard passes (scripts/check-claim-discipline.sh).
  • Diff is limited to the two intended lines; existing links unchanged.
  • Docs workflow (link check + claim guard) passes in CI.

Note

Low Risk
Documentation-only edits to LIMITATIONS.md with no runtime or security behavior changes.

Overview
LIMITATIONS.md tightens two scope statements so reviewers see where Talon’s claims stop.

The evidence boundary now states that a valid signature means the record was signed with the deployment key and, assuming that key stays protected, was not altered after signing—making key custody an explicit assumption in the integrity claim.

The tool-governance boundary adds that Talon does not block the same tool from running on traffic that bypasses Talon (only the gateway path gets request-body filtering today).

Reviewed by Cursor Bugbot for commit c9a8d59.

Fold two honest scope points from the community PR #155 (@ded-furby) into
the existing LIMITATIONS.md:

- Tool-governance: note that Talon does not prevent the same tool from
  being invoked on a path that does not pass through Talon.
- Evidence: state the signing-key-custody assumption inline in the
  integrity claim ("assuming that key remains protected").

Co-authored-by: ded-furby <ded-furby@users.noreply.github.com>

@sergeyenin (Contributor, Author)

Closing this in favor of giving @ded-furby ownership of the improvement in #155 — the two refinements here (the "same tool invoked on a path outside Talon" scope note and folding the signing-key-custody assumption into the HMAC claim) are better landed by the original author. See my note on #155. Branch is preserved in case we need to revive it.

@sergeyenin sergeyenin closed this Jun 3, 2026
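
The evidence boundary discussed in this PR, as an added example that is not Talon's code and not part of the original thread: a minimal HMAC sign/verify showing why a valid signature supports "not modified since signing" only while the signing key stays protected. The record fields, the key, the SHA-256 digest, the canonical-JSON serialization and the function names are all assumptions made for illustration.

```python
import hashlib
import hmac
import json


def canonical(record: dict) -> bytes:
    # Stable serialization so signer and verifier hash identical bytes.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def sign(record: dict, key: bytes) -> str:
    # Hypothetical signing helper: HMAC-SHA256 over the canonical record.
    return hmac.new(key, canonical(record), hashlib.sha256).hexdigest()


def verify(record: dict, tag: str, key: bytes) -> bool:
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return hmac.compare_digest(sign(record, key), tag)


def demo() -> dict:
    key = b"constructed-demo-key-not-a-real-secret"  # constructed sample key
    record = {"id": "ev-001", "tool": "file_read", "decision": "deny"}  # constructed
    tag = sign(record, key)
    results = {"untouched": verify(record, tag, key)}

    # Record edited by a party that does not hold the key: the stored tag
    # no longer matches, so the modification is detected.
    edited = dict(record, decision="allow")
    results["edited_without_key"] = verify(edited, tag, key)

    # Record edited and re-signed by a party that does hold the key: the
    # verifier cannot tell it from an original. This is the custody assumption.
    results["edited_and_resigned_with_key"] = verify(edited, sign(edited, key), key)

    # Tag produced under a different key: rejected, which is all that
    # "signed with the deployment's configured key" asserts.
    results["signed_with_other_key"] = verify(record, sign(record, b"other-key"), key)
    return results


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'valid' if ok else 'INVALID'}")
```

Because HMAC is symmetric, any component that can verify a record can also produce a valid tag for a different one, so the set of key holders is the set of parties the integrity claim has to trust.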