subagentidentities

.com agent identity
4 access bundles, live from D1

Access bundles

Named sets of credentials and instructions, generalized from claude-tag's Access bundle primitive -- real bundles from this repo's own profiles/*.json and Docker MCP Toolkit catalog, not invented examples. See the grounding for what each column means.

claude_desktop_chat

attached to: Claude Desktop "Chat" tab (profiles/claude_desktop_chat.json)
connections

no connections attached

credential pattern

N/A — no MCP servers, no workspace folder; pure conversation, matching add-connections.md's own note that "Slack-only use cases like triage, catch-up, and turning threads into docs run with none [connections]"

allowed hosts

None — no MCP servers means no outbound egress from this profile at all

plugins / skills

None attached

grounded in

profiles/claude_desktop_chat.json, "_description": "Minimal Claude Desktop — Chat tab only. No MCP servers, no workspace folder."

claude_desktop_cowork

attached to: Claude Desktop "Cowork" tab (profiles/claude_desktop_cowork.json) — surface macos__desktop_cowork__engineering_coworker
connections

cloudflaregithubfilesystemchrome-devtoolsengineering-coworker

credential pattern

Each MCP server runs as a local npx/binary process under the Mac's own OS-level auth (SSH keys, cargo/wrangler sessions, Cloudflare API token) rather than a service account provisioned in a console — the personal-account/DM shape, not the channel/service-account shape

allowed hosts

Whatever each of the 5 local MCP servers can reach on this one Mac — no centrally configured Domains allowlist, since these are local process spawns, not proxied network egress

plugins / skills

engineering-coworker (the dedicated Rust MCP server for cargo/wrangler/git/D1) is itself the "plugin" here — a bundle of deterministic tools travelling with this scope, the same relationship add-connections.md describes between a Datadog credential and a Datadog plugin

grounded in

profiles/claude_desktop_cowork.json; CLAUDE.md, "macOS Claude Desktop profiles"

claude_desktop_code

attached to: Claude Desktop "Code" tab (profiles/claude_desktop_code.json)
connections

cloudflaregithubfilesystempostgressubagentjobs-mcp

credential pattern

Same local-process pattern as the Cowork bundle, plus subagentjobs-mcp — this repo's own dogfood MCP server (crates/mcp-server), added specifically so this profile can exercise the repo's own tooling the way an admin would test a new connection before rolling it out

allowed hosts

Whatever the 5 local MCP servers reach on this Mac, plus whatever subagentjobs-mcp's own Postgres/Redis backing stores expose locally

plugins / skills

subagentjobs-mcp is this repo's own "skills repository" analogue (add-connections.md, "Anthropic provides plugins for common tools, and you can add your own from a skills repository") — a self-authored plugin dogfooding this exact primitive

grounded in

profiles/claude_desktop_code.json; CLAUDE.md, "macOS Claude Desktop profiles"

docker_mcp_toolkit_catalog

attached to: cloud__docker_mcp__engineering_coworker surface (every cloud-inference session using the Docker MCP Toolkit)
connections

17 snapshotted Docker Desktop MCP Toolkit servers

credential pattern

Provisioned once into the Docker Desktop MCP Toolkit catalog and shared by every cloud__* session regardless of who invoked it — the exact channel/service-account shape add-connections.md describes: "Connections belong to the agent identity, not to any person."

allowed hosts

Whatever the 17 catalog servers' own credentials are scoped to reach — centrally configured once, not per-session, matching add-connections.md's "configure once, everyone in the scope can use it immediately"

plugins / skills

This repo's own CLAUDE.md rule is the plugin/instruction layer that travels with this bundle: "code written for cloud__* surface must use mcp__MCP_DOCKER__* tools only" — already seeded as dir_naming_ontology_enforcement on the directives table

grounded in

CLAUDE.md, "Naming ontology" + "cloud__docker_mcp__engineering_coworker — Claude inference in Anthropic cloud using Docker MCP Toolkit catalog servers (17 servers snapshotted in Docker Desktop MCP Toolkit)"