Init wizard: security posture step mixes audience with exposure/channel concerns #537

@Aaronontheweb

Problem

Step 2 of netclaw init (Security Posture) conflates audience disposition with exposure modes and channel configuration. The step should be purely about who the agent trusts, but the current copy leaks networking and transport concerns.

Current copy

Question: "How will this Netclaw instance be accessed?"

Options:

  1. Personal — Only you on this machine
  2. Team — Shared with trusted teammates (Slack/VPN)
  3. Public — Open to untrusted users (webhooks/public)

Help text: "Personal = full shell + tools. Team = no shell, shared tools. Public = minimal tools, restricted filesystem."

Issues

  • The question ("How will this be accessed?") reads as a networking question, but controls trust/permissions
  • Parentheticals like "(Slack/VPN)" and "(webhooks/public)" leak exposure mode and channel concerns into an audience question
  • "Public" is misleading for webhook use cases — verified webhook ingress doesn't mean the agent is "open to untrusted users"
  • Help text is terse and jargon-heavy; the difference between Team and Public isn't clear
  • Exposure mode and security posture are orthogonal and already separate wizard steps — the copy should reinforce that separation

Suggested direction

  • Reframe the question around who will interact: e.g., "Who will interact with this Netclaw instance?"
  • Drop transport/exposure parentheticals from option descriptions
  • Focus help text on trust implications (what the agent is allowed to do per posture), not how it's reached

Files

  • src/Netclaw.Cli/Tui/Wizard/Steps/SecurityPostureStepView.cs
  • src/Netclaw.Cli/Tui/Wizard/Steps/SecurityPostureStepViewModel.cs
