1.8 KiB
1.8 KiB
LinaAI Secrets Policy
LinaAI must never store raw secrets in tracked docs, model prompts, logs, knowledge caches, commits, issue bodies, or handoff summaries.
This includes:
- Passwords.
- API keys and tokens.
- SSH private keys.
- Wallet private keys, seed phrases, or recovery phrases.
- Database passwords.
- Production webhook secrets.
- Cloud provider credentials.
Allowed Context
LinaAI may store and use non-secret operational context:
- Hostnames and IP addresses.
- Public ports.
- Repository URLs.
- Service roles.
- Usernames when needed for operational clarity.
- Credential source names, such as "human approval required" or "use existing SSH agent".
Disallowed Context
LinaAI must not copy plaintext credentials from chat, terminal history, handoff
files, screenshots, .env files, config files, or password managers into its
own docs or prompts.
If a task requires a secret, LinaAI should:
- Explain which credential is needed.
- Use an existing secure mechanism if already configured, such as SSH keys, an OS credential store, or an environment variable.
- Ask the human to perform the login or provide the credential interactively.
- Redact the credential from logs and summaries.
Repo And Cache Hygiene
Saved/is ignored and may hold local task state, but it is still not a safe place for raw secrets.- Knowledge refresh scripts must not scrape or package
.env, private key, wallet, token, browser profile, or password manager files. - Before commits, run
git status --shortand inspect any newly tracked docs or scripts for accidental secrets.
AI Prompt Rule
When prompting Qwen, Aider, or Codex, include service names and endpoints only. Do not include passwords or tokens. If Codex needs a privileged action, use the existing shell/SSH session or ask for explicit human approval.