Table of Contents generated with DocToc
This file declares which LLM endpoints this project's framework skills are allowed to route private data through, and which mailing lists count as private.
The contract behind these declarations lives in the framework at tools/privacy-llm/models.md; the per-variant setup recipes are at docs/setup/privacy-llm.md.
(none — Claude Code is the only LLM)
<private-list>These knobs tune how skills apply the PII redactor (per ../../tools/privacy-llm/wiring.md) when reading <security-list> content. Defaults are listed in parentheses; uncomment a row to override.
# collaborator_source: <tracker>
(default: read from <project-config>/project.md → tracker_repo). The repository whose collaborator list is treated as “already public/known” and therefore NOT redacted. Override here if your project tracks security-team membership in a different repo (e.g. a parent-org roster repo).
# collaborator_exemption: enabled
(default: enabled — collaborators are NOT redacted; their identity is already public via the tracker's collaborator list).
Set to disabled for a stricter posture: every non-reporter individual gets redacted, including collaborators. Use when your PMC has decided that even public collaborator identity should not flow through LLMs as a defence-in-depth measure.
# redaction_field_types: name, email, phone, ip, handle, address
(default: all six types are redacted). Remove a type from this list to disable redaction for that field type. Rare — most projects keep all six on. Examples of when an adopter might narrow:
phone.ip. The framework already excludes IPs that identify a vulnerable production server (see ../../tools/privacy-llm/pii.md) but this knob is the broader override.The redactor itself reads no config file — these knobs are applied by the skill at filter time (Step 3 of the redact-after-fetch protocol), before pii-redact --field arguments are constructed. A skill that does not respect a knob is a framework bug; report it on apache/magpie.