Code Rooms
# Security
Do not commit live credentials to this repository.
Use `.env.example` for environment variable names only. Local `.env` files are
ignored by git and should stay on the user's machine.
If you find a credential, token, private key, local archive path, or private
project artifact in this repo, remove it and rotate the credential if it was
ever live.
For normal operation, install skills into a local Codex home and keep provider
keys in that local environment.
For local pre-publish scans, maintainers may set `KOGNIT1V_BLOCKED_TERMS` or use
an ignored `.kognit1v/blocked-terms.txt` file to block private codenames without
committing those terms to the public repo.