# Security And Privacy Model

This project is designed for public portfolio use. The public repository must not contain personal, account, or gated-platform data.

## Never Publish

- cookies, tokens, session IDs, browser profiles, or local machine paths
- real resumes, phone numbers, email addresses, or private candidate details
- real application trackers or application history
- gated-platform screenshots or copied private content
- private messages, notifications, or account identifiers
- real company communications or non-public interview details

## Safe To Publish

- synthetic job alerts
- public-safe schemas
- demo job cards
- generated match reports based on synthetic data
- blocker labels such as `login_required` or `http_451_blocked`
- evaluation plans
- architecture notes
- product case studies

## Redaction Rules

Before publishing or updating the repository:

1. Search for secrets: `token`, `cookie`, `session`, `password`, `bearer`, `authorization`.
2. Search for local paths: drive letters, usernames, profile directories, and private vault paths.
3. Search for personal contact details: email, phone, address, social account names.
4. Search for real application records: company-specific status, recruiter messages, interview dates, tracking IDs.
5. Replace real role examples with synthetic or clearly public-safe examples.

## Source Boundary

The project can describe how a source was handled, but it should not publish private source content. For example:

```text
Allowed:
Source health: http_451_blocked
Handling: report blocker and use manual alert text

Not allowed:
Full gated URL with tracking parameters, account state, or copied private page content
```

## Human Action Boundary

The workflow must not automate:

- apply
- send message
- follow
- vote
- like
- comment
- profile edit
- resume upload

Any future implementation should enforce these as blocked actions unless a human explicitly approves the exact action outside the public demo flow.
