URGENT: customer PII + ~40 internal files in public repo #42

Description

@karlwaldman

Privacy exposure: SDK_USER_EMAILS_SENT.md at origin/main contains two customer email addresses in a PUBLIC repo. The root also carries ~40 internal files (REDDIT_POST_*.md, MARKETING_ACTION_PLAN.md, outreach drafts, QA session notes, test_idan_bug.py) — a poor first impression for exactly the evaluating-engineer audience the 2026-07-03 ICP analysis identified as our #1 buyer (embedders).

  1. Remove SDK_USER_EMAILS_SENT.md + internal .md files from main immediately
  2. Decide on history scrub for the PII file (git filter-repo / BFG — force-push, Karl's call)
  3. Add a repo-hygiene guard: internal docs live in a private repo or /internal ignored dir

Found during 2026-07-03 SDK fitness evaluation (report: ~/.claude/History/sdk-health/sdk-fitness-embedder-icp-2026-07-03).
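One way to implement the repo-hygiene guard from step 3, as an added example that is not part of the original issue or the project's code: a CI or pre-commit check that fails when tracked files match internal-document names or contain email addresses. The deny-list patterns are assumptions built from the file names quoted in the issue, and the allow-listed placeholder domains are hypothetical.

```python
"""Repo-hygiene guard: flag tracked internal files and email addresses."""
import fnmatch
import re
import subprocess
import sys

# Assumed deny-list, built from the file names quoted in the issue.
INTERNAL_PATTERNS = ["REDDIT_POST_*.md", "MARKETING_ACTION_PLAN.md",
                     "SDK_USER_EMAILS_SENT.md", "internal/*"]
# Assumed allow-list of placeholder domains that docs and tests may use.
ALLOWED_DOMAINS = {"example.com", "example.org"}
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@([A-Za-z0-9.-]+\.[A-Za-z]{2,})")


def internal_paths(paths):
    """Return paths whose file name or full path matches the deny-list."""
    def hit(p):
        name = p.rsplit("/", 1)[-1]
        return any(fnmatch.fnmatchcase(name, pat) or fnmatch.fnmatchcase(p, pat)
                   for pat in INTERNAL_PATTERNS)
    return [p for p in paths if hit(p)]


def email_lines(text):
    """Return (line_no, domain) per flagged address; the address is not echoed."""
    return [(n, m.group(1).lower())
            for n, line in enumerate(text.splitlines(), 1)
            for m in EMAIL_RE.finditer(line)
            if m.group(1).lower() not in ALLOWED_DOMAINS]


def audit(files):
    """files maps path -> text. Return sorted human-readable findings."""
    findings = [f"{p}: internal file tracked" for p in internal_paths(files)]
    for p, text in files.items():
        findings += [f"{p}:{n}: email address at {d}" for n, d in email_lines(text)]
    return sorted(findings)


def main():
    out = subprocess.run(["git", "ls-files", "-z"], capture_output=True, check=True)
    files = {}
    for p in filter(None, out.stdout.decode().split("\0")):
        try:
            with open(p, encoding="utf-8", errors="ignore") as fh:
                files[p] = fh.read()
        except OSError:
            continue  # path listed in the index but unreadable in the worktree
    findings = audit(files)
    print("\n".join(findings))
    return 1 if findings else 0  # non-zero exit fails the CI job or commit hook

if __name__ == "__main__":
    sys.exit(main())
```

The check covers the current tree only; content already in history still needs the scrub decision from step 2.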
