Pick a file in Files to edit it here.
Ran 1 shell command
● bootstrap syntax OK; worker regenerated, parses, has the new route + injection. Now deploy the worker and set the two secrets (CONNECTOR_TOKEN = the tunnel
connector token, CONNECTOR_CODE = a fresh one-time code) — nothing sensitive echoed.
Ran 1 shell command
● Deployed — secrets set, custom domain re-attached (v1 token had the scope), version 6121bd6d. Now verify the live endpoint end-to-end without echoing secrets:
Ran 1 shell command
● All six checks pass — Task A (automated token fetch) is live and verified:
- /connector-token?code=<valid> → the 240-char token; no/wrong code → 404.
- ?mode=cloud embeds the one-time code; the plain/local script has it empty (no leak).
- Browser page still 200.
Let me commit Task A, then start a background watcher that auto-burns the token secret once the Mac's connector registers (or after ~2h), so the token isn't
fetchable longer than needed (a leaked connector token is a real MITM risk on first SSH connect).
Pushed to main
● Committed + pushed (81aab28..1b84565; worker.gen.js is correctly gitignored). Now the auto-burn watcher in the background:
Running 1 shell command…
✽ Dilly-dallying… (11m 31s · ↓ 47.5k tokens)
⎿ Tip: Use /btw to ask a quick side question without interrupting Claude's current work
❯ /compact
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── continue-conversation ──
❯ Press up to edit queued messages
⏵⏵ bypass permissions on (shift+tab to cycle) · ← for agents · esc to interrupt