diff options
| author | Paul Buetow <paul@buetow.org> | 2026-01-17 11:24:16 +0200 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2026-01-17 11:24:16 +0200 |
| commit | a729c671d1bd3c0cd5599ee53eb86d6a90f5d8f7 (patch) | |
| tree | b5bac9fa12d6121a449e8ade887ccb172c49b347 /f3s | |
| parent | 5f064015f21447b59b2fb3bf12e768580f554d23 (diff) | |
Add security policy to AGENTS.md
Never commit secrets (SSH keys, tokens, passwords) to git.
Deploy them as Kubernetes Secrets and rotate if exposed.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Diffstat (limited to 'f3s')
| -rw-r--r-- | f3s/AGENTS.md | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/f3s/AGENTS.md b/f3s/AGENTS.md index 5637ce3..e6c51bb 100644 --- a/f3s/AGENTS.md +++ b/f3s/AGENTS.md @@ -1 +1,7 @@ Follow file:///home/paul/Notes/snippets/f3s/f3s.md + +## Security Policy + +- **Never commit secrets to git.** This includes SSH private keys, API tokens, passwords, and any other sensitive credentials. +- Secrets must be deployed as Kubernetes Secrets directly via `kubectl create secret` or through a secrets management solution. +- If a secret is accidentally committed, it must be rotated immediately and pruned from git history using `git-filter-repo`. |