This repository is intended to contain only sanitized framework material: docs, templates, generic scripts, and example skills.
It must not contain:
- API keys
- tokens
- private MCP configs
- production hostnames
- personal journals
- confidential employer/client information
If you believe sensitive data was accidentally committed:
- Do not redistribute it
- Open a private security report if possible
- Remove the data from the working tree
- Clean the git history before publication if needed
Before pushing changes publicly, run:
scripts/sanitize_scan.sh- a manual review of screenshots / attachments
- a quick audit of commit messages and git history