- Do not paste proprietary employer data into state files
- Sanitize state files before sharing or committing to public repos
- Treat prompts as logs :: assume they could be seen
- State files are plain text :: encrypt if needed for sensitive projects
- This protocol does not send data anywhere :: it's fully local