Security: JoeSoep/ai-dev-team

SECURITY.md

Security Policy

Local Secrets

Do not commit local runtime secrets or machine-specific infrastructure values. This includes:

  • Telegram bot tokens.
  • Telegram chat IDs.
  • Codex or model API credentials.
  • Absolute target repository paths.
  • Local SQLite runtime databases.
  • Run logs and generated inbox files.

Use .ai/telegram-inbox.local.env for local Telegram and worker settings. That file is ignored by Git.
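The list above is easiest to enforce mechanically. The following pre-commit scanner is an added example, not code from this repository: it refuses staged runtime artifacts (local env files, SQLite databases, logs) and flags Telegram bot tokens by their format, credential assignments, and absolute repository paths. Only CODEX_WORKER_PROJECTS comes from this page; the other variable-name suffixes it looks for and the sample inputs are assumptions.

```python
"""Pre-commit secret scan for the categories SECURITY.md forbids.

Added example, not part of ai-dev-team. Variable names other than
CODEX_WORKER_PROJECTS are assumptions; adjust the suffix lists to taste.
"""
from __future__ import annotations

import re
import subprocess
import sys
from pathlib import Path

# Telegram bot tokens look like "<numeric bot id>:<35-char secret>". This is a
# format check, so it catches the token wherever it appears, not only in env files.
TELEGRAM_TOKEN = re.compile(r"\b\d{8,10}:[A-Za-z0-9_-]{35}\b")

# A variable whose name ends in one of these suffixes, assigned a real literal
# (not empty, not a $VAR reference, not an obvious placeholder), is a leak.
SECRET_ASSIGN = re.compile(
    r"""(?imx)
    ^\s*(?:export\s+)?
    (?P<name>[A-Z0-9_]*(?:TELEGRAM_CHAT_ID|API_KEY|TOKEN|SECRET))
    \s*=\s*['"]?
    (?!\s*$)              # an empty value is a template, not a leak
    (?!\$\{?)             # $VAR / ${VAR} references are fine
    (?!<|changeme|xxx)    # obvious placeholders are fine
    (?P<value>[^\s'"]+)
    """
)

# Absolute target repository paths (POSIX or drive-letter) assigned to path-like
# variables belong in the git-ignored local env file, never in a committed one.
PATH_ASSIGN = re.compile(
    r"""(?imx)
    ^\s*(?:export\s+)?
    (?P<name>[A-Z0-9_]*(?:CODEX_WORKER_PROJECTS|REPO_PATH|TARGET_DIR))
    \s*=\s*['"]?(?P<value>(?:/|[A-Za-z]:[\\/])[^\s'"]*)
    """
)

# Runtime artifacts that should never be staged at all, whatever they contain.
FORBIDDEN_SUFFIXES = (".local.env", ".db", ".sqlite", ".sqlite3", ".log")


def forbidden_path(path: str) -> str | None:
    """Return a reason if `path` is a runtime artifact that must not be committed."""
    name = Path(path).name
    for suffix in FORBIDDEN_SUFFIXES:
        if name.endswith(suffix):
            return f"runtime artifact ({suffix})"
    return None


def find_secret_hits(text: str) -> list[tuple[int, str, str]]:
    """Return (line_number, kind, variable_or_marker) for every hit in `text`.

    The token value itself is never echoed back, so the hook's own output does
    not become a second copy of the secret in a terminal log.
    """
    hits: list[tuple[int, str, str]] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if TELEGRAM_TOKEN.search(line):
            hits.append((lineno, "telegram-bot-token", "<redacted>"))
            continue
        m = SECRET_ASSIGN.search(line)
        if m:
            hits.append((lineno, "credential-assignment", m.group("name")))
        m = PATH_ASSIGN.search(line)
        if m:
            hits.append((lineno, "absolute-repo-path", m.group("name")))
    return hits


def scan_paths(paths: list[str]) -> list[str]:
    """Scan files and return human-readable findings; an empty list means clean."""
    findings: list[str] = []
    for path in paths:
        reason = forbidden_path(path)
        if reason:
            findings.append(f"{path}: {reason} must not be committed")
            continue
        p = Path(path)
        if not p.is_file():
            continue  # deleted or renamed-away entries have nothing to scan
        text = p.read_text(encoding="utf-8", errors="replace")
        for lineno, kind, what in find_secret_hits(text):
            findings.append(f"{path}:{lineno}: {kind} ({what})")
    return findings


def staged_files() -> list[str]:
    """Paths staged for commit (added/copied/modified), as a pre-commit hook sees them."""
    out = subprocess.run(
        ["git", "diff", "--cached", "--name-only", "--diff-filter=ACM"],
        check=True, capture_output=True, text=True,
    ).stdout
    return [line for line in out.splitlines() if line]


if __name__ == "__main__":
    # Install as .git/hooks/pre-commit, or pass explicit paths to scan.
    problems = scan_paths(sys.argv[1:] or staged_files())
    for line in problems:
        print(line, file=sys.stderr)
    sys.exit(1 if problems else 0)
```

The scanner deliberately treats `TELEGRAM_BOT_TOKEN=` and `TELEGRAM_CHAT_ID=${TELEGRAM_CHAT_ID}` as acceptable, so a committed template such as an `.env.example` still passes while a filled-in copy does not.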

Automation Boundary

The Codex inbox worker is intended for local, allowlisted repositories only. Configure CODEX_WORKER_PROJECTS explicitly on each machine, and review the changes the worker produces before merging them, deploying, or running production migrations.
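What "allowlisted" needs to mean in code is that the worker fails closed when CODEX_WORKER_PROJECTS is missing, and that a requested target is compared against the allowlist after canonicalisation, so `..` segments and symlinks cannot point it at a repository that was never allowed. The check below is an added example rather than the project's own implementation; it assumes CODEX_WORKER_PROJECTS holds absolute repository paths separated by `os.pathsep` (`:` on POSIX), a format this page does not document.

```python
"""Allowlist enforcement for a local worker.

Added example, not code from ai-dev-team. Assumption: CODEX_WORKER_PROJECTS is
a list of absolute repository paths separated by os.pathsep (':' on POSIX).
"""
from __future__ import annotations

import os
from pathlib import Path


class NotAllowlisted(PermissionError):
    """Raised when a requested target is not covered by CODEX_WORKER_PROJECTS."""


def load_allowlist(env_value: str | None) -> list[Path]:
    """Parse the allowlist into canonical absolute paths.

    An unset or empty variable is an error rather than an empty allowlist, so a
    machine that was never configured cannot silently run against whatever
    directory the worker happens to be started in. Relative entries are refused
    for the same reason: their meaning would change with the working directory.
    """
    if env_value is None or not env_value.strip():
        raise NotAllowlisted("CODEX_WORKER_PROJECTS is unset; refusing to start")
    roots: list[Path] = []
    for entry in env_value.split(os.pathsep):
        entry = entry.strip()
        if not entry:
            continue
        path = Path(entry)
        if not path.is_absolute():
            raise NotAllowlisted(f"allowlist entry is not absolute: {entry!r}")
        roots.append(path.resolve())  # canonical form: symlinks and '..' removed
    return roots


def resolve_target(requested: str, allowlist: list[Path]) -> Path:
    """Return the canonical path of `requested` if it is an allowlisted repository
    or a location inside one; raise NotAllowlisted otherwise.

    Both sides are compared after Path.resolve(), so '../' tricks and symlinks
    pointing out of an allowed repository are rejected. The comparison is by
    path component, so allowing '/srv/repo' does not allow '/srv/repo2'.
    """
    target = Path(requested).resolve()
    for root in allowlist:
        if target.is_relative_to(root):
            return target
    raise NotAllowlisted(f"{requested!r} is outside CODEX_WORKER_PROJECTS")


def is_allowlisted(requested: str, allowlist: list[Path]) -> bool:
    """Boolean form of resolve_target for callers that only need yes/no."""
    try:
        resolve_target(requested, allowlist)
    except NotAllowlisted:
        return False
    return True


if __name__ == "__main__":
    # Worker start-up: load the allowlist first, and refuse to touch anything outside it.
    import sys

    roots = load_allowlist(os.environ.get("CODEX_WORKER_PROJECTS"))
    for arg in sys.argv[1:]:
        print(arg, "->", "allowed" if is_allowlisted(arg, roots) else "REFUSED")
```

Resolving the allowlist entries at load time, rather than only the requested path, matters when an allowlisted directory is itself a symlink: both sides must be in the same canonical form or a legitimate repository would be refused.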

Reporting Issues

If you find a security issue, open a private security advisory for the repository or contact the project maintainer directly rather than posting exploit details in a public issue.
