Harden team-memory sync auth and keying for tenant and repo isolation #103

@romgenie

Local source: coven-code/issues/12-harden-team-memory-sync-auth-and-keying.md

Summary

Team memory sync should be hardened for hosted GitHub App use. The current implementation keys remote team memory by a repo string and bearer token, which is not sufficient for multi-tenant review.

Current Evidence

  • TeamMemorySync stores api_base, repo, token, and team_dir.
  • Pull/push endpoints use /api/claude_code/team_memory?repo=<repo>.
  • There is no installation id, tenant id, repo id, branch, or visibility domain in the sync key.

Problem

Repo string keying can collide or be misconfigured. Hosted review needs server-side authorization to verify that the caller is allowed to access memory for the tenant/install/repo/domain tuple.

Proposed Design

Change team memory sync request identity to include structured scope:

{
  "tenant_id": "...",
  "installation_id": "...",
  "repo_id": "...",
  "repo_full_name": "owner/repo",
  "domain": "default_branch"
}

The server should authorize this tuple against the token. The client should not rely on repo string alone.

Acceptance Criteria

  • Team memory sync API supports tenant/install/repo/domain scope.
  • Client refuses hosted sync without full scope.
  • Existing repo-string sync remains available for local/backward-compatible mode if needed.
  • Tests verify different installation ids do not share remote memory.
  • Tests verify different repo ids with same repo name do not share remote memory.

Security Notes

Authorization must be server-side. Client path construction and query parameters are not sufficient security boundaries.
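
One way a server could enforce the scope tuple proposed above, as an added sketch that is not coven-code's own code. The grant table, tokens, ids and function names are constructed for illustration, and leaving `repo_full_name` out of the storage key is an assumption.

```python
import hashlib
import json
from dataclasses import dataclass, fields

class ScopeError(Exception):
    """Raised when a sync request is unscoped or not authorized."""

@dataclass(frozen=True)
class Scope:
    tenant_id: str
    installation_id: str
    repo_id: str
    repo_full_name: str
    domain: str

def token_digest(token: str) -> str:
    return hashlib.sha256(token.encode()).hexdigest()

# Constructed sample grants: token digest -> what that token may access.
# Assumption: a real server resolves this from its installation records.
GRANTS = {
    token_digest("tok-install-1"): ("t1", "1001", {"501"}),
    token_digest("tok-install-2"): ("t2", "1002", {"502"}),
}

def parse_scope(body: dict) -> Scope:
    """Reject hosted requests that omit any scope field."""
    names = [f.name for f in fields(Scope)]
    missing = [n for n in names if not isinstance(body.get(n), str) or not body[n]]
    if missing:
        raise ScopeError(f"incomplete scope: {missing}")
    return Scope(**{n: body[n] for n in names})

def authorize(token: str, scope: Scope) -> None:
    """Server-side check that the token's grant covers the requested tuple."""
    grant = GRANTS.get(token_digest(token))
    if grant is None:
        raise ScopeError("unknown token")
    tenant_id, installation_id, repo_ids = grant
    if (tenant_id, installation_id) != (scope.tenant_id, scope.installation_id):
        raise ScopeError("token not issued for this tenant/installation")
    if scope.repo_id not in repo_ids:
        raise ScopeError("repo not covered by this installation")

def storage_key(scope: Scope) -> str:
    """Key memory by ids only; the repo name is treated as a display label."""
    ident = [scope.tenant_id, scope.installation_id, scope.repo_id, scope.domain]
    return hashlib.sha256(json.dumps(ident).encode()).hexdigest()

def resolve(token: str, body: dict) -> str:
    """Parse, authorize, then derive the key; the client never supplies it."""
    scope = parse_scope(body)
    authorize(token, scope)
    return storage_key(scope)
```

The key is derived only after authorization succeeds, so a caller cannot reach another installation's memory by editing the request body or query string.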
