keisei/KeiSeiKit-1.0
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
KeiSeiKit-1.0/_blocks/deploy-local-only.md
Parfii-bot 4859e1cdf7 refactor: remove restricted-scope agents and blocks from public kit 
Strip all patent-related tooling from the generic kit so it can ship
publicly under MIT without leaking sensitive IP. restricted-scope agents,
blocks, and skill conditionals live in the private PROJECT-E.

Deleted (5 files):
- _manifests/kei-patent-compliance.toml
- _manifests/kei-patent-researcher.toml
- _blocks/domain-sensitive IP-aware.md
- _assembler/tests/fixtures/_manifests/kei-patent-compliance.toml
- _assembler/tests/snapshots/kei-patent-compliance.snap

Cross-reference cleanup:
- 6 manifests: remove kei-patent-* handoffs and "sensitive IP" forbidden lines
- _blocks/deploy-local-only.md: drop sensitive IP rationale, keep ML weights /
  offensive / kernel / client-confidential banned-public triggers
- skills/research/SKILL.md: drop patent-angle-scanner + "Patent angles" section
- skills/new-agent/SKILL.md: drop Q5 (patent), renumber Q6→Q5 Q7→Q6
- README.md: drop 2 restricted agents rows, renumber wizard questions 5-7→5-6,
  update counts 34→33 blocks / 14→12 agents
- _assembler/tests/golden.rs: remove golden_patent_compliance test
- _assembler/tests/roundtrip.rs: swap kei-patent-compliance fixture to
  kei-cost-guardian for double-assembly determinism test
- _assembler/tests/fixtures/_manifests/kei-researcher.toml + snapshot:
  remove kei-patent-researcher handoff

Tests: 21 → 20 integration tests, all passing. Grep for "patent" in
main tree returns zero hits outside .claude/worktrees.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 19:07:02 +08:00

27 lines
1.5 KiB
Markdown
Raw Blame History

# DEPLOY — LOCAL ONLY (sensitive / pre-disclosure project)
Use this block for any project that CANNOT be publicly deployed — typical triggers: proprietary ML weights/architectures you don't want in public training corpora, security tooling that burns its own usefulness on exposure, kernel-level code, client-confidential codebases.
**Hard forbidden (no matter how small the change):**
- Public-URL share pages / static HTML dumps to public hosting
- Vercel / Netlify / GitHub Pages / Cloudflare Pages public deploy
- `gh repo create` public, `gh repo edit --visibility public`
- `git push` to a public remote (GitHub, public GitLab)
- Publishing architecture diagrams with node counts, param totals, or training configs
- Public benchmark tables naming this project
**Allowed:**
- Private remotes (self-hosted Forgejo/Gitea over SSH on a private network)
- Tailscale-only internal services
- Local-only `127.0.0.1` / LAN dev servers
- `.app` / `.dmg` distribution via private channels
**Double-confirmation override (both phrases required, in order, exact wording):**
1. "yes, deploy"
2. "I confirm publication"
No approximations. Informal variants do NOT count. If either phrase is absent, refuse.
**Example categories that typically require local-only:** censorship-circumvention tooling (public push burns exit-node IPs), ML ensembles with trained weights, control / guidance algorithms, offensive security research.
**Report field:** "Public-deploy surface touched: none | <explicit surface> — double-confirm obtained yes/no."
Reference in a new issue View git blame Copy permalink