system-prompts-and-models-o.../salesflow-saas/docs/internal/rotation_log.md
Claude 40ab7b86c2
feat(dealix): Phase 1 completion + Phase 2 foundation scaffolded
PHASE 1 COMPLETION:

TASK-005 — Live gitleaks scan:
  Scanned 146 commits with gitleaks v8.20.1
  Result: 1 finding — FALSE POSITIVE (model name llama-3.1-70b-versatile
    in test fixture, not an API key)
  Added to .gitleaksignore
  rotation_log.md updated with scan results
  VERDICT: No real secrets in git history — repo clean for extraction

TASK-006 — Legal templates (bilingual):
  docs/legal/templates/IP_ASSIGNMENT_AGREEMENT.md — bilingual IP assignment
  docs/legal/templates/PRIVACY_POLICY_EN.md — PDPL/GDPR-aware template
  docs/legal/templates/PRIVACY_POLICY_AR.md — Arabic privacy policy
  docs/legal/templates/TERMS_OF_SERVICE_EN.md — SaaS ToS with MENA pricing
  docs/legal/templates/DPA_EN.md — Data Processing Agreement with annexes
  All marked as "DRAFT — must be reviewed by Saudi counsel before use"

TASK-006 — Trademark Filing Kit:
  docs/legal/templates/TRADEMARK_FILING_KIT.md
  Covers: DEALIX (Latin) + ديلكس (Arabic) + logo
  Classes 9, 42, 35 across KSA, UAE, Egypt, Jordan, Kuwait
  Application text ready to paste into SAIP + equivalents
  Agent recommendations (AGIP, Saba, Bird & Bird, Al Tamimi)
  Budget: ~90-120K SAR for full MENA coverage

Founder Decision Package:
  FOUNDER_DECISION_PACKAGE.md — single file with 4 decisions:
    1. GitHub org name (recommend: dealix-io)
    2. Entity structure (MISA vs DIFC vs ADGM)
    3. Saudi counsel engagement (15-30K SAR)
    4. Trademark filing (30-50K SAR initial)
  Total founder time to unblock: ~1 week + ~50K SAR

PHASE 2 FOUNDATION:

DEALIX_PHASE2_BLUEPRINT.md — 18-month category leadership plan:
  10 parallel streams (Frontend, Product, AI, Enterprise, Integrations,
    Scale, Commercial, Customer Platform, Trust, Category POV)
  Executable NOW vs Requires External Services vs Wait-for-PMF
  Phase 2 completion criteria (NPS >=50, NRR >=120%, etc.)

TASK-F201 — Design System foundation (scaffolded):
  packages/design-system/tokens/primitive.json — W3C Design Tokens format:
    Brand palette (50-900), neutral (50-950), critical/warning/success/info
    Space, radius, motion (duration + easing) tokens
    Typography with Arabic fontFamily + arabic-adjustment (1.15) for size
    Arabic line-height (1.8) for diacritics
  packages/design-system/tokens/semantic.json — light + dark themes:
    surface, fg, border, interactive, status semantic layers
  packages/design-system/README.md — principles + integration guide

TASK-CAT1340 (prep) — @dealix/arabic-ui package (scaffolded):
  packages/arabic-ui/src/normalize.ts:
    Diacritic-insensitive search (fatha/kasra/damma stripped)
    Hamza variants normalized (أ/إ/آ → ا)
    Waw-hamza, ya-hamza, taa-marbuta, alef-maksura handled
    arabicMatch() + arabicCompare() helpers
  packages/arabic-ui/src/numerals.ts:
    Western/Arabic-Indic/Eastern Arabic-Indic conversion
    formatCurrency() for SAR/AED/EGP/USD/JOD/KWD
    formatNumber() with locale awareness
  packages/arabic-ui/src/direction.ts:
    detectDirection() via Unicode bidi algorithm
    isolate() using U+2068/U+2069 for mixed-direction content
    isRTL() locale check
    hasArabic() presence check
  Future: release as OSS after 12 months of internal use

TASK-CAT1310 — Manifesto (bilingual draft):
  marketing/manifesto.md — 4 principles in Arabic + English:
    1. Arabic first, not Arabic translated
    2. Decisions backed by evidence, not opinion
    3. AI recommends, systems commit, humans approve
    4. Saudi compliance built-in, not bolted on
  Publication target: dealix.io/manifesto + dealix.io/بيان

TASK-CAT1320 — Dealix Labs (scaffolded):
  docs/labs/README.md — research program structure:
    Annual State of Arabic Enterprise AI report
    Quarterly Arabic LLM Benchmarks
    OTel semantic conventions proposal
    Open source: @dealix/arabic-ui + @dealix/design-system

TRUTH.yaml updated:
  Added Phase 2 capabilities section (all as 'partial' or 'roadmap')
  Added ISO 27001/17/18 and bug bounty to security_claims (all false)

All gates GREEN:
  Architecture Brief: 40/40
  Release Readiness Matrix: 71/71 (up from 53/53)
  Release Readiness Gate (blueprint): PASS
  Truth Registry Validator: VALID

https://claude.ai/code/session_01W1rJthWDkasijTdXCfxVHs
2026-04-17 10:52:28 +00:00


# Secret Rotation Log

> **Rule**: Every secret found in git history must be rotated and logged here.
>
> **Owner**: CTO / Security Lead
>
> **Review**: Monthly

---
## Rotation Template
```
| Date | Secret Type | Location Found | Old ID/Prefix | New Location | Rotated By | Verified |
|------------|------------|----------------|---------------|--------------|-----------|----------|
| YYYY-MM-DD | API Key | git history | sk_xxxx... | AWS SM | @user | ✓ |
```
---
## Active Rotations
### 2026-04-17 — Initial full-history scan

**Tool**: gitleaks v8.20.1

**Scope**: 146 commits scanned

**Findings**: 1

| File | Line | Rule | Verdict | Action |
|------|------|------|---------|--------|
| `personal-brand-engine/tests/test_llm_client.py` | 14 | generic-api-key | **FALSE POSITIVE** — model name `llama-3.1-70b-versatile` | Added to `.gitleaksignore` |
### Conclusion
**No real secrets detected in git history.** Repository is clean for extraction to new org.
## Future Rotations
| Date | Secret Type | Location Found | Rotated By | Verified |
|------|-------------|----------------|-----------|----------|
| TBD | — | — | — | — |
---
## Scan Commands
```bash
# Install tools
# gitleaks is a Go binary, not a PyPI package: use Homebrew or `go install`
brew install gitleaks
# go install github.com/gitleaks/gitleaks/v8@latest   # alternative without Homebrew
# detect-secrets (Yelp) is the Python tool
pip install detect-secrets
# Full history scan across all refs, not just the current branch
# NOTE: the JSON report contains the matched secret values; delete it after triage
gitleaks detect --source . --log-opts="--all" --report-path /tmp/secret_scan.json
# Current staged files only (pre-commit check)
gitleaks protect --staged
# Alternative: trufflehog3 (Python port, installed in an isolated venv via pipx)
pipx install trufflehog3
trufflehog3 . --format json --output /tmp/trufflehog_report.json
```
---
## Mandatory Actions After Scan
For every finding:
1. Rotate the credential in the source system (AWS, Stripe, OpenAI, etc.)
2. Update environment variables in production
3. Revoke the leaked credential
4. Add entry to this log
5. Add path/pattern to `.gitleaksignore` ONLY if it's a known false positive
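As an added example (not a script from this repo), the following Python triages a gitleaks JSON report against `.gitleaksignore` and emits rows in this log's table format, keeping only a secret prefix as the template's `Old ID/Prefix` column requires. The report contents, ignore file and commit hashes are constructed placeholders.

```python
"""Triage a gitleaks report against .gitleaksignore and draft rotation-log rows.
Added example; the report, ignore file and commit hashes below are constructed."""
import json

# Constructed report in the shape gitleaks writes with --report-path:
# the page's known false positive plus a constructed Stripe-looking key.
SAMPLE_REPORT = json.dumps([
    {"RuleID": "generic-api-key", "File": "personal-brand-engine/tests/test_llm_client.py",
     "StartLine": 14, "Commit": "0000000000000000000000000000000000000001",
     "Secret": "llama-3.1-70b-versatile", "Description": "Generic API Key"},
    {"RuleID": "stripe-access-token", "File": "backend/settings.py",
     "StartLine": 42, "Commit": "0000000000000000000000000000000000000002",
     "Secret": "sk_live_CONSTRUCTEDEXAMPLE00000000", "Description": "Stripe"},
])
# Constructed .gitleaksignore: one fingerprint per line, commit:file:rule:line.
SAMPLE_IGNORE = """# known false positives
0000000000000000000000000000000000000001:personal-brand-engine/tests/test_llm_client.py:generic-api-key:14
"""

def fingerprint(finding: dict) -> str:
    """Rebuild the gitleaks fingerprint from a report entry."""
    return f"{finding['Commit']}:{finding['File']}:{finding['RuleID']}:{finding['StartLine']}"

def load_ignore(text: str) -> set:
    """Fingerprints listed in .gitleaksignore (comments and blank lines skipped)."""
    return {ln.strip() for ln in text.splitlines() if ln.strip() and not ln.startswith("#")}

def redact(secret: str, keep: int = 7) -> str:
    """Keep only a prefix for the log; the full value must never be copied into it."""
    return secret[:keep] + "..." if len(secret) > keep else "***"

def triage(report_json: str, ignore_text: str) -> list:
    """Classify each finding: known false positive, or a credential to rotate."""
    ignored = load_ignore(ignore_text)
    rows = []
    for f in json.loads(report_json):
        known = fingerprint(f) in ignored
        rows.append({"file": f["File"], "line": f["StartLine"], "rule": f["RuleID"],
                     "prefix": redact(f["Secret"]),
                     "verdict": "FALSE POSITIVE (in .gitleaksignore)" if known else "ROTATE",
                     "action": "none" if known else "rotate + revoke + log entry"})
    return rows

def to_markdown(rows: list) -> str:
    """Render rows in this log's File/Line/Rule/Verdict/Action table format."""
    out = ["| File | Line | Rule | Verdict | Action |", "|------|------|------|---------|--------|"]
    for r in rows:
        out.append(f"| `{r['file']}` | {r['line']} | {r['rule']} | "
                   f"**{r['verdict']}** `{r['prefix']}` | {r['action']} |")
    return "\n".join(out)

if __name__ == "__main__":
    print(to_markdown(triage(SAMPLE_REPORT, SAMPLE_IGNORE)))
```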
---
## Secrets Management Hierarchy
| Environment | Manager |
|-------------|---------|
| Local dev | `.env` file (gitignored) + Doppler |
| Staging | Doppler or AWS Secrets Manager |
| Production | AWS Secrets Manager (me-south-1) |
## Escape Hatches (forbidden)
- ❌ Secrets in `.env.example`
- ❌ Secrets in docker-compose.yml (use Secrets reference)
- ❌ Secrets in code comments
- ❌ Secrets in test fixtures (use generated values)
- ❌ Secrets in Slack, email, or tickets