Do not commit credentials, API keys, local environment files, unpublished drafts, or private annotations to this repository.
Before pushing to a remote repository, run:
find . -type f \( -iname ".env*" -o -iname "*secret*" -o -iname "*token*" -o -iname "*key*" \)
rg -n --hidden -S "(OPENAI_API_KEY|api[_-]?key|secret|password|private key|BEGIN RSA|BEGIN OPENSSH|github_pat|ghp_)"Some references discuss crypto tokens as a research topic, so plain token matches are not necessarily credentials. Inspect matches manually before publishing.