Sketch Security Guardrails
Overview
Provide safe handling rules for keys, logs, and user uploads while debugging or adding telemetry.
Workflow
- Never log secrets: API keys, bearer tokens, or auth headers.
- Never log raw images: no base64 image bytes or file payloads.
- Avoid full prompts: log only prompt length or hash.
- Telemetry minimalism: only metadata (duration, provider, error code).
- Review logs before sharing: scrub console output in proof videos or screenshots.
Safe Debug Patterns
- Log error codes instead of full stack traces when user-visible.
- Use sample files or stubbed requests for proof videos.
- Keep logs off by default unless
ENABLE_TELEMETRY=true.
References
references/security-guardrails.md
微信扫一扫