- Treat API keys and tokens as environment-provided secrets.
- Do not hardcode credentials in repository files.
- Keep environment resolution centralized in `packages/cli/src/features/config/`.
- Local secret storage uses `~/.devos/config/env.sqlite`; never commit this database.
- Avoid raw shell command construction in workflow logic.
- Use module-level helpers for command execution and argument handling.
- Linear access is scoped by configured API key and optional project routing.
- GitHub actions should run through authenticated `gh` usage.
- Codex execution settings should remain explicit in environment or onboarding-owned state.
- Docker-isolated Codex execution is planned work (ROY-95) and not active in this branch.
- When Docker mode is implemented, container isolation will not remove access to host paths that are explicitly mounted into the container.
- Host/container UID or GID mismatches can create files with unexpected ownership (for example root-owned artifacts) on mounted paths.
- Mounting `CODEX_HOME` into the container can expose Codex credentials and configuration present in that directory.
- Prefer minimal container privileges; avoid workflows that require privileged containers or Docker socket mounting.
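
The Docker-related points above, sketched as an added example (not code from this project; Docker mode is not implemented in this branch). The function name `buildDockerRunArgs`, its option names, and the sample paths are assumptions made for illustration.

```javascript
// Added example: hypothetical helper, not part of this project's code.
// Returns an argv array for `docker run`; nothing is joined into a shell string.
const DOCKER_SOCKET = "/var/run/docker.sock";

// True when `child` equals `parent` or lies beneath it. Plain string check
// on absolute paths; symlinks are not resolved.
function isWithin(parent, child) {
  const p = parent.replace(/\/+$/, "");
  return child === p || child.startsWith(p + "/");
}

function buildDockerRunArgs({ image, command, mounts, uid, gid, codexHome }) {
  const args = [
    "run", "--rm",
    "--user", `${uid}:${gid}`, // match host IDs so mounted paths get no root-owned files
    "--cap-drop", "ALL",
    "--security-opt", "no-new-privileges",
  ];
  for (const { source, target, writable = false } of mounts) {
    // --mount is comma-separated, so commas and ".." segments are refused.
    if (!source.startsWith("/") || source.split("/").includes("..") ||
        source.includes(",") || target.includes(",")) {
      throw new Error(`unsupported mount path: ${source}`);
    }
    // Refuse the Docker socket itself and any directory that contains it.
    if (isWithin(source, DOCKER_SOCKET)) {
      throw new Error(`mount exposes the Docker socket: ${source}`);
    }
    // Refuse any overlap with CODEX_HOME, in either direction.
    if (codexHome && (isWithin(codexHome, source) || isWithin(source, codexHome))) {
      throw new Error(`mount exposes CODEX_HOME: ${source}`);
    }
    const mode = writable ? "" : ",readonly"; // read-only unless asked otherwise
    args.push("--mount", `type=bind,source=${source},target=${target}${mode}`);
  }
  args.push(image, ...command);
  return args; // hand to child_process.execFile("docker", args), which uses no shell
}
```

The string checks do not resolve symlinks, so a caller should pass already-resolved absolute paths.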