Platform Setup

This board shows platform configuration status. Secrets are stored server-side and never displayed after saving. Configuration values shown as runtime_config are operator-visible settings. Values classified as dev_fixture, test_fixture, governance_constant, docs_example, or seed_data are internal and not operator-editable. See hardcode-classification.md for details.
Manage providers and model profiles. Includes OpenRouter Workspace Chat configuration. Providers and models are loaded from the D1-backed catalog. Secrets are never displayed. Seed/bootstrap entries are not editable beyond enable/disable.
Providers
Model Profiles
Active route policies determine how providers and models are selected for each run type. Fallback chains are ordered by eligibility.
Template IDs: analysis-report-v1, verification-review-v1, implementation-dry-run-v1, follow-up-existing-session-v1, runner-smoke-v1
Allowlist: analysis, verify, execute_dry_run, follow_up, smoke
Runner registry and status.
Manage GitHub personal access tokens for repository access, issue intake, and source control integration. Tokens are validated server-side, encrypted before storage, and never returned to the browser.
OpenCode, Codex CLI, Claude Code, Aider, Goose, etc.
Repo allowlist, branch policy, write scope.
Hard gates before assignment/execution.
Pre-accepted permission profiles that auto-approve safe, low-risk external-directory (temp) requests without a manual Operator Action. Unsafe, broad, secret, and wrong-scope requests always fall back to manual review. The built-in default covers OS temp directories only (%TEMP%, /tmp).
Profiles
Normalized result/evidence capture.
Which configuration values are operator-visible runtime settings versus internal fixtures/constants. runtime_config values are editable in Setup. dev_fixture, test_fixture, governance_constant, docs_example, and seed_data are internal and not operator-editable.
Local/stage/prod endpoints.
Safe health checks for runtime bindings.