security: sanitize internal hostname from debug document

lukemarsden · claude · lukemarsden · commit 88757b145b0a · 2025-12-28T08:08:42.000Z
Remove customer's internal hostname from TLS investigation document and replace with generic placeholder to prevent exposure of internal infrastructure details. Reported by: AXA-IM SIRT 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
diff --git a/design/2025-12-08-tls-skip-verify-investigation.md b/design/2025-12-08-tls-skip-verify-investigation.md
@@ -9,7 +9,7 @@ Customer on Helix 2.5.25 reported TLS certificate errors when using a database-c
 
 ```
 ERR app/api/pkg/openai/openai_client.go:256 > failed to list models from OpenAI compatible API
-error="failed to send request to provider's models endpoint: Get \"https://frlas5ap1-0085.axa-im.intraxa:8010/v1/models\":
+error="failed to send request to provider's models endpoint: Get \"https://internal-server.customer.example:8010/v1/models\":
 tls: failed to verify certificate: x509: certificate signed by unknown authority"
 ```
 
