Security / correctness issue
Current profile/README.md has two problems:
1. Incorrect link — points to non-existent WasmAgent repo
Line references [claude-bot](https://github.com/WasmAgent/claude-bot) — this repo does not exist. The actual bot lives at telleroutlook/claude-bot which is a personal (non-org) repository.
Listing it here:
- Creates a broken link in the public org page
- Implies claude-bot is part of WasmAgent, which is misleading
- Leaks information about the operator's personal account (
telleroutlook)
Fix: remove the row entirely. claude-bot is an operational tool of the org's maintainer, NOT an org-owned repo.
2. Private repo wasmagent-ops should not appear on the public profile
The row for wasmagent-ops describes it as "Private operations hub — media, release, research, and security operations". This is a private repository. Publishing its existence + description on the public org profile:
- Reveals internal structure to anyone browsing WasmAgent
- Any linked outsiders will get a 404 (since they can't see private repos)
- Publishing the description ("security operations for the org") is a security-relevant info leak
Fix: remove the wasmagent-ops row from any public table on profile/README.md.
3. Also remove the "Internal tools" paragraph
The section titled "Internal tools" explicitly names claude-bot and wasmagent-ops. If both rows are removed, this paragraph has no subject. Delete the paragraph entirely.
Acceptance criteria
profile/README.md no longer contains the string claude-bot (in any URL or description)
profile/README.md no longer contains the string wasmagent-ops
- The "Internal tools" section is removed
- No new lint errors from removed anchor references (search for
internal-tools anchors elsewhere and remove)
Priority
Highest. This is a public information-leak concern: the org profile is served to any GitHub user visiting github.com/WasmAgent. Every hour these lines are up is a minor operational-secrecy leak.
Related
- No dependencies. Should be implemented as a standalone doc-only PR.
Security / correctness issue
Current
profile/README.mdhas two problems:1. Incorrect link — points to non-existent WasmAgent repo
Line references
[claude-bot](https://github.com/WasmAgent/claude-bot)— this repo does not exist. The actual bot lives attelleroutlook/claude-botwhich is a personal (non-org) repository.Listing it here:
telleroutlook)Fix: remove the row entirely.
claude-botis an operational tool of the org's maintainer, NOT an org-owned repo.2. Private repo
wasmagent-opsshould not appear on the public profileThe row for
wasmagent-opsdescribes it as "Private operations hub — media, release, research, and security operations". This is a private repository. Publishing its existence + description on the public org profile:Fix: remove the
wasmagent-opsrow from any public table onprofile/README.md.3. Also remove the "Internal tools" paragraph
The section titled "Internal tools" explicitly names
claude-botandwasmagent-ops. If both rows are removed, this paragraph has no subject. Delete the paragraph entirely.Acceptance criteria
profile/README.mdno longer contains the stringclaude-bot(in any URL or description)profile/README.mdno longer contains the stringwasmagent-opsinternal-toolsanchors elsewhere and remove)Priority
Highest. This is a public information-leak concern: the org profile is served to any GitHub user visiting
github.com/WasmAgent. Every hour these lines are up is a minor operational-secrecy leak.Related