# SECURITY_RULES

## Sanitization

Before public push, replace:

- local project roots with <PROJECT_ROOT>
- user home folders with <USER_HOME>
- MT5 data folder IDs with <MT5_DATA_FOLDER>
- account IDs with <ACCOUNT_ID>
- broker server names with <BROKER_SERVER>
- IP addresses with <IP_REDACTED>

## Binary policy

Initial public commit must not contain:

- .onnx binaries
- .zip archives
- .mq5 / .mqh source copied from upstream
- .py source copied from upstream
- private logs
- live account data