{ "generated_at": "2026-06-14T11:26:53.093Z", "system": { "id": "topolo-social-studio", "name": "Social Studio", "slug": "topolo-social-studio", "kind": "application", "summary": "Hybrid desktop and web production surface for social planning, generation, review, and export. This is the only live Studio-branded application in the suite.", "aliases": [], "lifecycle": "active", "last_verified": "2026-05-14", "owners": [ "socialize" ], "repo_paths": [], "external_repo_paths": [ "Apps/business/TopoloSocialStudio" ], "service_ids": [ "srv_nmuJvGQiOnnI" ], "visibility": "public", "api_contract": { "type": "curated", "source": "PlatformApplications/TopoloSocialStudio/package.json", "notes": "Canonical public and internal docs now cover the hybrid desktop, worker, and Nexus-backed AI generation model. The marketing web and desktop shells delegate browser login handoff and one-time sso_code callback redemption to the shared Topolo auth client through the Social Studio application wrapper, with callback effects kept single-pass so one status update cannot cancel the active exchange/bootstrap. The authenticated web and desktop shells render through `TopoloAppShell`, inheriting the shared account, launcher, account-menu Improve Topolo, and TopoloNotify chrome while keeping Studio project navigation product-owned and avoiding standalone floating report controls. Nexus owns the org-wide image-generation default and allowed model catalog for Studio workspaces, while the generate step may expose per-run inline overrides only to callers with the required workspace authority. Social Studio owns the stable Auth service slug `topolo-social-studio`; workers and browser shells resolve the concrete service id from Topolo Auth at runtime through `/api/service-identity`." }, "primary_hosts": [ "https://studio.topolo.app", "https://studio-api.stg.topolo.us", "https://studio.stg.topolo.us" ], "doc_paths": [ "applications/social-studio", "internal/apps/social-studio" ], "security_assurance": { "risk_tier": "high", "auth_boundary": "Topolo Auth `/validate` is the only accepted bearer-token authority for the API worker; Social Studio-owned workspace, channel, publishing, and export rules only narrow access after Auth returns current service permissions.", "tenant_isolation": "organization_scoped", "external_inputs": [ "browser", "api", "callback", "webhook", "queue", "scheduled_task", "third_party_app" ], "sensitive_data": [ "identity", "org_data", "provider_credentials", "customer_content", "telemetry" ], "last_security_review": "2026-04-30", "security_review_status": "reviewed", "pentest_status": "passed", "evidence_doc": "internal/apps/social-studio" }, "data_privacy": { "classification": "restricted", "sensitive_data_classes": [ "communications", "customer_content", "identity", "organization", "provider_credentials", "telemetry" ], "storage_locations": [ "d1", "external_provider", "r2" ], "encryption_at_rest": "application_layer_required", "encryption_in_transit": "https_only", "key_management": "versioned_platform_key_required", "retention_policy": "partial", "deletion_export_status": "planned", "logging_redaction_status": "needs_review", "privacy_review_status": "reviewed", "enterprise_ready": false, "evidence_doc": "internal/apps/social-studio" }, "dependencies": [ "topolo-auth", "applications-packages", "topolo-nexus" ], "bugfix_policy": { "tier": "autonomous", "preferred_agent": "either", "require_validator": false }, "public_hub_url": "/systems/topolo-social-studio", "internal_hub_url": null, "application_api_url": "/reference/apps/topolo-social-studio", "generated_openapi_url": null, "machine_urls": { "system": "/machine/systems/topolo-social-studio.json", "application": "/machine/applications/topolo-social-studio.json" } }, "docs": { "public": [ { "id": "applications/social-studio", "title": "Topolo Social Studio", "summary": "Public overview of the hybrid desktop and Cloudflare runtime used for AI-assisted social content planning and generation.", "audience": "public", "tags": [ "desktop", "social", "generation", "creative" ], "url": "/applications/social-studio", "last_verified": "2026-05-13" } ], "internal": [], "runbooks": [] }, "authority": { "owners": [ "socialize" ], "repo_paths": [], "service_ids": [ "srv_nmuJvGQiOnnI" ], "dependencies": [ "topolo-auth", "applications-packages", "topolo-nexus" ], "aliases": [] }, "interfaces": { "contract_type": "curated", "contract_source": "PlatformApplications/TopoloSocialStudio/package.json", "contract_source_exists": false, "openapi": null, "readme": null }, "auth": { "depends_on_topolo_auth": true, "api_key_scopes": [ { "id": "aks_social_studio_api_keys_write", "name": "api_keys.write", "description": "Manage Social Studio machine credentials", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_social_studio_approvals_write", "name": "approvals.write", "description": "Approve and route creative work", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_social_studio_assets_read", "name": "assets.read", "description": "View creative assets and generated outputs", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_social_studio_assets_write", "name": "assets.write", "description": "Upload and manage creative assets", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_social_studio_briefs_read", "name": "briefs.read", "description": "View creative briefs and production requests", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_social_studio_briefs_write", "name": "briefs.write", "description": "Create and manage creative briefs", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_social_studio_exports_read", "name": "exports.read", "description": "View export history and delivery status", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_social_studio_generation_write", "name": "generation.write", "description": "Start and manage generation workflows", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_social_studio_settings_write", "name": "settings.write", "description": "Manage workspace and delivery settings", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_social_studio_workspace_read", "name": "workspace.read", "description": "Load creative workspace state and planning queues", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_social_studio_workspace_write", "name": "workspace.write", "description": "Manage workspace setup and operating workflow", "resourcePattern": null, "kind": "api_key_scope" } ], "service_permissions": [ { "id": "perm_social_studio_api_keys_write", "name": "api_keys:write", "description": "Manage Social Studio machine credentials", "resourcePattern": null, "kind": "permission" }, { "id": "perm_social_studio_approvals_write", "name": "approvals:write", "description": "Approve and route creative work", "resourcePattern": null, "kind": "permission" }, { "id": "perm_social_studio_assets_read", "name": "assets:read", "description": "View creative assets and generated outputs", "resourcePattern": null, "kind": "permission" }, { "id": "perm_social_studio_assets_write", "name": "assets:write", "description": "Upload and manage creative assets", "resourcePattern": null, "kind": "permission" }, { "id": "perm_social_studio_briefs_read", "name": "briefs:read", "description": "View creative briefs and production requests", "resourcePattern": null, "kind": "permission" }, { "id": "perm_social_studio_briefs_write", "name": "briefs:write", "description": "Create and manage creative briefs", "resourcePattern": null, "kind": "permission" }, { "id": "perm_social_studio_exports_read", "name": "exports:read", "description": "View export history and delivery status", "resourcePattern": null, "kind": "permission" }, { "id": "perm_social_studio_generation_write", "name": "generation:write", "description": "Start and manage generation workflows", "resourcePattern": null, "kind": "permission" }, { "id": "perm_social_studio_settings_write", "name": "settings:write", "description": "Manage workspace and delivery settings", "resourcePattern": null, "kind": "permission" }, { "id": "perm_social_studio_workspace_read", "name": "workspace:read", "description": "Load creative workspace state and planning queues", "resourcePattern": null, "kind": "permission" }, { "id": "perm_social_studio_workspace_write", "name": "workspace:write", "description": "Manage workspace setup and operating workflow", "resourcePattern": null, "kind": "permission" } ] }, "runtime": { "primary_hosts": [ "https://studio.topolo.app", "https://studio-api.stg.topolo.us", "https://studio.stg.topolo.us" ], "repo_entries": [], "wrangler_surfaces": [], "packages": [] }, "data": { "env_vars": [], "bindings": [], "queue_bindings": [], "storage_kinds": [], "workflow_signals": [] }, "deployment": { "commands": [], "routes": [], "environments": [], "assets_directories": [], "observability_enabled": false }, "debugging": { "failure_modes": [ "No wrangler.toml surface was discovered under the registered repo paths.", "The registered contract source is missing: PlatformApplications/TopoloSocialStudio/package.json", "Neither OpenAPI nor README-derived interface detail was found." ], "entrypoints": [ "PlatformApplications/TopoloSocialStudio/package.json" ] } }