Privacy exposure: SDK_USER_EMAILS_SENT.md at origin/main contains two customer email addresses in a PUBLIC repo. The root also carries ~40 internal files (REDDIT_POST_*.md, MARKETING_ACTION_PLAN.md, outreach drafts, QA session notes, test_idan_bug.py) — a poor first impression for exactly the evaluating-engineer audience the 2026-07-03 ICP analysis identified as our #1 buyer (embedders).
- Remove
SDK_USER_EMAILS_SENT.md + internal .md files from main immediately
- Decide on history scrub for the PII file (git filter-repo / BFG — force-push, Karl's call)
- Add a repo-hygiene guard: internal docs live in a private repo or /internal ignored dir
Found during 2026-07-03 SDK fitness evaluation (report: ~/.claude/History/sdk-health/sdk-fitness-embedder-icp-2026-07-03).
Privacy exposure:
SDK_USER_EMAILS_SENT.mdat origin/main contains two customer email addresses in a PUBLIC repo. The root also carries ~40 internal files (REDDIT_POST_*.md, MARKETING_ACTION_PLAN.md, outreach drafts, QA session notes, test_idan_bug.py) — a poor first impression for exactly the evaluating-engineer audience the 2026-07-03 ICP analysis identified as our #1 buyer (embedders).SDK_USER_EMAILS_SENT.md+ internal .md files from main immediatelyFound during 2026-07-03 SDK fitness evaluation (report: ~/.claude/History/sdk-health/sdk-fitness-embedder-icp-2026-07-03).