Handbook
Wizard — operator trust boundaries
A concise map of who may observe or mutate Wizard session data versus your git working tree, LLM vendors, and Forge Fleet. Implementation touch points live under lenses/blueprints_wizard/ in the forge-lenses repository.
Updated
What it is
A concise map of who may observe or mutate Wizard session data versus your git working tree, LLM vendors, and Forge Fleet. Implementation touch points live under lenses/blueprints_wizard/ in the forge-lenses repository.
Boundaries (expanded)
| Surface | Ships today | Operator responsibility |
|---|---|---|
| Browser (Studio) | Renders steps; holds transient UI state | Hard-refresh can drop unsaved UI — rely on server persistence for the session envelope |
| Lenses HTTP API | GET/POST families under /api/blueprints/wizard/* (builder API) |
Restrict network path to trusted clients on your LAN/VPN |
.lenses-local/ |
Session JSON, telemetry, optional export scratch | Classify as sensitive working data — backup/retention per Security and local-first |
| Product repos | Wizard does not auto-commit Blueprints submodule or product branches | Review diffs yourself; exports are suggestions |
| LLM | Optional Refine / Interpret / similar POST routes | Redact regulated content; route via approved gateways |
| Forge Fleet | Optional async jobs when wired | Bearer tokens are production secrets |
Sequence view
Same story as the overview diagram — trust flows across Studio, Lenses, and optional outbound services:
Sequence view
Actor / trigger
|
v
System step
|
v
Outcome / handoffVerify
Your runbook names where session files live on disk (.lenses-local/…) and states that no Wizard route implies an automatic git push.