Skip to content

Security: xtao-sh/gans-research-advisor

Security

SECURITY.md

Security

Do not commit credentials, API keys, local environment files, unpublished drafts, or private annotations to this repository.

Before pushing to a remote repository, run:

find . -type f \( -iname ".env*" -o -iname "*secret*" -o -iname "*token*" -o -iname "*key*" \)
rg -n --hidden -S "(OPENAI_API_KEY|api[_-]?key|secret|password|private key|BEGIN RSA|BEGIN OPENSSH|github_pat|ghp_)"

Some references discuss crypto tokens as a research topic, so plain token matches are not necessarily credentials. Inspect matches manually before publishing.

There aren't any published security advisories