Files
yao-meta-skill/security/secret_policy.md
T
2026-06-13 12:34:19 +08:00

8 lines
382 B
Markdown

# Secret Policy
Skills must not commit credentials, tokens, private keys, or customer secrets.
The v0 scanner blocks obvious high-risk patterns such as private key blocks, GitHub personal access tokens, Slack bot tokens, AWS access key ids, and OpenAI-style API keys.
Potential private paths or local-only references should be treated as warnings unless they expose credentials.