Prox OS Internal Docs
TrustSecurityBaseline

Access Control

contributors expand.

Principles

  • Least privilege.
  • Owner and backup owner for critical assets.
  • Protected branches for production-oriented repositories.
  • Access review before funding, revenue, production users, or external contributors expand.

Future Controls

  • CODEOWNERS for critical paths.
  • Branch protection and required checks.
  • Cloudflare Access or organization auth for internal docs/API docs.
  • Separate roles for billing, infrastructure, API, docs, and community.

Not In Repo

Do not store tokens, recovery codes, account IDs, private legal records, or passwords in repo docs.

On this page