Safe update
Update app code without mutating personal data.
Safety ruleKeep real user data local. Do not
publish private vault content, secrets, screenshots, or logs.
How to use this
Stop services, back up user state, update app code, validate health, and never run update scripts that mutate a real user vault without explicit approval.
What remains explicit
Capture, AI, review, import, and agent suggestions require user
approval before durable writes. Configuration should point at
_WorkOS, and reference vaults should remain read-only
unless deliberately reconfigured.