Skip to content

docs: Auditoría TESELA OMEGA v11 (read-only) — informe forense Grupo Tesela#18

Draft
israel2606 wants to merge 3 commits into
mainfrom
claude/tesela-omega-audit-docs
Draft

docs: Auditoría TESELA OMEGA v11 (read-only) — informe forense Grupo Tesela#18
israel2606 wants to merge 3 commits into
mainfrom
claude/tesela-omega-audit-docs

Conversation

@israel2606

@israel2606 israel2606 commented Jun 25, 2026

Copy link
Copy Markdown
Owner

Resumen

Entrega de la auditoría forense TESELA OMEGA v11 del ecosistema digital de Grupo Tesela, ejecutada en modo read-only (sin cambios en producción, sin despliegues, sin borrados, sin secretos expuestos).

Esta rama contiene solo documentación — parte limpia desde main, sin tocar código Go, go.mod, ni nada del servidor MCP. Sustituye al PR #17, que arrastraba toda la divergencia de la rama de desarrollo y tenía CI roja por un merge incoherente preexistente (ajeno a la auditoría).

Contenido

  • _REPORT/MASTER_REVIEW_SISTEMA.md — punto de entrada único: mapa del sistema, estado del ERP en vivo, riesgos P0/P1, decisiones D1–D4, planes 7/30/90 días.
  • tesela_omega_audit/ — 79 archivos en 10 directorios (ejecutivo, inventario, forense, seguridad, costes, arquitectura, reparación, producto/negocio, dashboards, apéndices) + SESION_ESTADO.md.

Hallazgos P0 (reportados, NO reparados)

  1. claude_sessions escribible por anónimos, consumida por agentes IA con permisos de escritura → vector de prompt-injection hacia producción.
  2. Sin backup robusto (plan Free, sin PITR) sobre 62 facturas + 47 contactos reales.

Las reparaciones están en tesela_omega_audit/06_REPAIR/REPAIR_PLAN.md (Fases A/B/C) y requieren aprobación explícita. Esta PR no las aplica.

Decisiones pendientes (dirección)

# Decisión Recomendación
D1 Fuente única de la verdad erp-grupo-tesela (operación) + Tesela-iA-v.0 (análisis)
D2 Sacar ERP del repo público Sí → repo privado dedicado
D3 Subir a Supabase Pro (PITR) Sí (~25 $/mes)
D4 Cerrar claude_sessions a anon Sí, inmediato

Verificación

  • Solo documentación: 0 cambios en pkg/, cmd/, internal/, go.mod.
  • Sin secretos reales en el repo (verificado con git grep).

🤖 Generated with Claude Code

https://claude.ai/code/session_01PKkvWSji6Gz89BK3N15Z5u

Generated by Claude Code

@claude
docs(tesela-omega): forensic audit deliverable (read-only)
4270e93 
Adds the TESELA OMEGA v11 read-only audit of the Grupo Tesela digital
ecosystem as documentation only — no code, no go.mod, no production
changes, no secrets.

- _REPORT/MASTER_REVIEW_SISTEMA.md: single consolidated entry point
- tesela_omega_audit/: 79 files across 10 directories (executive,
  inventory, forensics, security, costs, architecture, repair,
  product/business, dashboards, appendices) + session state file

Two P0 risks documented (claude_sessions anon r/w; no PITR on Free)
and 4 pending decisions (D1-D4). Repairs are documented but NOT applied;
they require explicit approval.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01PKkvWSji6Gz89BK3N15Z5u
@netlify

netlify Bot commented Jun 25, 2026
edited
Loading

Copy link
Copy Markdown

Deploy Preview for neon-toffee-d6b114 ready!

Name Link
🔨 Latest commit c946010
🔍 Latest deploy log https://app.netlify.com/projects/neon-toffee-d6b114/deploys/6a3d0d0665835500082c8ad4
😎 Deploy Preview https://deploy-preview-18--neon-toffee-d6b114.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.
🤖 Make changes Run an agent on this branch

To edit notification comments on pull requests, go to your Netlify project configuration.

@netlify

netlify Bot commented Jun 25, 2026
edited
Loading

Copy link
Copy Markdown

Deploy Preview for cosmic-quokka-b1b316 ready!

Name Link
🔨 Latest commit c946010
🔍 Latest deploy log https://app.netlify.com/projects/cosmic-quokka-b1b316/deploys/6a3d0d065118300007924655
😎 Deploy Preview https://deploy-preview-18--cosmic-quokka-b1b316.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.
🤖 Make changes Run an agent on this branch

To edit notification comments on pull requests, go to your Netlify project configuration.

@israel2606 israel2606 mentioned this pull request Jun 25, 2026
Closed
claude added 2 commits June 25, 2026 11:11
@claude
docs(tesela-omega): add offline-resume instructions to session state
94f1ecb 
Documents how to continue the work without this ephemeral session:
portable zip, git clone/checkout of both branches, and what to hand an
AI agent to resume with full context.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01PKkvWSji6Gz89BK3N15Z5u
@claude
chore: ignore generated offline audit zip artifact
c946010 
The portable tesela_omega_audit_OFFLINE.zip is delivered to the user
directly and is fully derivable from the tracked docs; keep it out of
version control.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01PKkvWSji6Gz89BK3N15Z5u
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@israel2606 @claude