Skip to content

[H-13 / Phase 4] [LOW] Document plaintext-PII-at-rest posture #17

Open
Open
[H-13 / Phase 4] [LOW] Document plaintext-PII-at-rest posture#17
Labels
documentationImprovements or additions to documentationsecuritySecurity-sensitive fix or reviewtech-debtEligible for automated overnight fixing
@matthewod11-stack

Description

@matthewod11-stack
matthewod11-stack
opened on Apr 17, 2026

Full spec: docs/hardening-roadmap-2026-04-16.md#h-13

Description

Run artifacts (runs/<id>/candidates.json, checkpoint.json) are gitignored but written as plaintext JSON containing PII. Acceptable for local single-user dev, but should be stated explicitly and revisited before any multi-user or shared-machine deployment.

Current State

  • .gitignore excludes runs/.
  • No explicit "data at rest" posture documented.

Suggested Fix

  • Add "Security & data handling" section to README.md:
    • Where run data lives
    • What's in it (PII by field type)
    • Retention defaults
    • Purge command
    • Explicit non-goal: "run artifacts are not encrypted; do not run Sourcerer on shared machines."
  • Mirror in CLAUDE.md conventions.
  • File separate tracking issue for optional at-rest encryption (out of scope here).

Verification

  • pnpm build passes
  • README has "Security & data handling" section
  • Follow-up issue filed with enhancement + security labels

Automation Hints

scope: README.md, CLAUDE.md
do-not-touch: code
approach: config-change
risk: low
max-files-changed: 2
blocked-by: none
bail-if: none

Priority

Low

Metadata

Metadata

Assignees

No one assigned

    Labels

    documentationImprovements or additions to documentationsecuritySecurity-sensitive fix or reviewtech-debtEligible for automated overnight fixing

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions