docs: keep downstream APCP context private

Author: AybarsBarut

.gitignore

@@ -10,6 +10,9 @@
 # -----------------------------------------------------------------------------
 # APCP / AI-generated context artifacts
 # -----------------------------------------------------------------------------
+# This Nexus-APCP source repo intentionally tracks sanitized protocol templates.
+# Downstream product repos can keep installed APCP operating files out of public
+# GitHub with .git/info/exclude or a private global excludes file.
 PROMPT_READY.txt
 PROMPT_READY.tmp
 .checkpoint

AGENTS.md

@@ -70,6 +70,7 @@ This is a public repository. When working on security-related docs or fixes:
 - Use neutral functional wording, such as `improve input validation`, instead of naming the vulnerability class.
 - Keep vulnerability details in private reporting channels.
 - Never commit `PROMPT_READY.txt` generated from a private project.
+- When documenting downstream product-repo setup, keep installed APCP operating files local/private by default and prefer local Git excludes over committed `.gitignore` rules if public GitHub should not reveal AI workflow filenames.
 - Do not weaken `.gitignore`, security guidance, or private-context warnings without a clear replacement.
 
 ## Documentation Style

AI_PROJECT_CONTEXT_PROTOCOL.md

@@ -295,13 +295,15 @@ Filled project-context files are treated like sensitive material when they revea
 Type: Internal project structure and architecture context
 Examples:
   - AI_PROJECT_CONTEXT.md filled for a real private project
+  - Installed Nexus-APCP operating files copied into a downstream product repository
+  - AI_MAIN.md, TASK_PROGRESS.yaml, DECISION_LOG_PROTOCOL.md, and local protocol files when they expose the AI workflow or private delivery state
   - Backend route maps and service topology
   - Database schema internals and production migration notes
   - Infrastructure/deployment maps and internal hostnames
   - Admin workflows, runbooks, threat models, pentest reports
   - Private AI system prompts, tool policies, vector-store layout
 Storage: local workspace, private docs, or approved internal knowledge base
-Rule: Do not commit to public GitHub or customer packages. Create a sanitized public summary instead.
+Rule: Do not commit to public GitHub or customer packages by default. AI agents may read these files locally, from private/cloud knowledge bases, or from generated context bundles. Create a sanitized public summary or template only when explicitly approved.
 ```
 
 ### 4.5 Website Backend Public/Private Boundary

DOMAIN_SPECIFIC_GITIGNORE_PROTOCOLS.md

@@ -210,6 +210,8 @@ Universal rule:
 
 Treat filled project context files like secrets when they reveal how the system is built. Backend topology, route maps, service names, database internals, private infrastructure, internal admin flows, security controls, deployment topology, private prompts, tool policies, vector-store layout, threat models, penetration-test reports, and runbooks should not be pushed to a public repository or included in a customer package by default.
 
+For downstream product repositories that should not reveal local AI workflow files on GitHub, use local Git excludes instead of committed ignore rules. `.git/info/exclude` and private global excludes files let AI agents read APCP files locally while keeping the public repository free of the protocol filenames and generated context artifacts.
+
 If public documentation is needed, create a sanitized public version that removes internal hostnames, admin routes, service topology, database details, security controls, credentials, private prompts, and exploit-relevant implementation details.
 
 AI prompt:
@@ -227,7 +229,7 @@ State whether the repository is safe for public GitHub.
 
 ## 3. AI-Assisted Project and APCP Gitignore Block
 
-Use for APCP/MACP projects, AI coding sessions, prompt packs, context gatherers, and multi-agent workflows.
+Use for APCP/MACP projects, AI coding sessions, prompt packs, context gatherers, and multi-agent workflows. Apply this block to `.git/info/exclude` when public GitHub should not show the local AI workflow filenames. Apply it to committed `.gitignore` only when the repository intentionally makes those ignore rules public.
 
 ```gitignore
 # APCP / MACP / AI-generated context
@@ -245,6 +247,34 @@ PROMPT_READY.tmp
 *.context.local
 *.scratch.md
 
+# Installed Nexus-APCP operating files in downstream product repos
+AI_PROJECT_CONTEXT_PROTOCOL.md
+AI_MAIN.md
+TASK_PROGRESS.yaml
+DECISION_LOG_PROTOCOL.md
+CONTEXT_OPTIMIZATION.md
+CAVEMAN_RULES.md
+EMOJI_POLICY.md
+VISUAL_CONTEXT_MERMAID.md
+AI_AGENT_SKILLS_PROTOCOL.md
+AI_TOOL_ADAPTER_COMPATIBILITY_PROTOCOL.md
+FILE_STRUCTURE_REFACTOR_PROTOCOL.md
+WORKSPACE_SPECIFIC_DELIVERY_PROTOCOLS.md
+WEBSITE_BACKEND_SECURITY_OPTIMIZATION_PROTOCOL.md
+DOMAIN_SPECIFIC_GITIGNORE_PROTOCOLS.md
+UPDATE_SYSTEM_RECOMMENDATION_PROTOCOL.md
+DEBLOAT_APPLICATION_GUIDE.md
+DISCOVER_ALGORITHM_DESIGN_GUIDE.md
+FRONTEND_APPLICATION_DESIGN_PROTOCOL.md
+MACP_IMPLEMENTATION_GUIDE.md
+UNIVERSAL_APPLICATION_SECURITY_PROTOCOL.md
+WATERFALL_DEVELOPMENT_PROTOCOL.md
+README_APCP_KIT.md
+MASTER_PROMPT.md
+AI_ASSISTANT_PROMPT_TEMPLATES.md
+docs/AI_ASSISTANT_PROMPT_TEMPLATES.md
+scripts/apcp-gather.py
+
 # Filled APCP project context is private by default
 AI_PROJECT_CONTEXT.md
 PROJECT_CONTEXT.md
@@ -262,8 +292,9 @@ Rules:
 
 - Do not commit raw AI logs containing secrets, private prompts, customer data, local file paths, or credentials.
 - Do not commit temporary prompt bundles generated from private repositories.
+- Do not commit installed Nexus-APCP operating files to downstream public product repositories by default; keep them local or in an approved private/cloud knowledge base for AI agents.
 - Do not commit filled `AI_PROJECT_CONTEXT.md` files for real projects when they expose backend structure, database layout, infrastructure, internal services, route maps, private prompts, or security assumptions.
-- Do commit sanitized protocol templates.
+- Do commit sanitized protocol templates only when the repository intentionally publishes its AI workflow templates.
 - Do commit decision logs if they contain no secrets or customer data.
 - Do not paste local secret files into AI context.
 
@@ -272,7 +303,9 @@ AI prompt:
 ```text
 You are preparing an APCP/MACP repository for safe GitHub use.
 Review the project for AI-generated context artifacts, local prompt bundles, heartbeats, temporary scratch files, and private session logs.
-Create or update `.gitignore` so generated AI artifacts are ignored, but protocol templates, sanitized handoffs, sanitized state files, and documentation remain trackable.
+If public GitHub should not reveal local AI workflow files, add installed APCP operating files and generated AI artifacts to `.git/info/exclude` or a private global excludes file instead of committed `.gitignore`.
+Use committed `.gitignore` only when the public ignore rule itself is acceptable.
+Keep protocol templates, sanitized handoffs, sanitized state files, and documentation trackable only when the repository intentionally publishes them.
 Also list any file currently tracked that should be removed from Git with `git rm --cached`.
 ```
 
@@ -1201,6 +1234,8 @@ Checklist:
 - `git check-ignore -v path/to/suspicious/file` for any file that should be ignored.
 - Confirm no `.env`, local database, dump, build, package, credential, customer export, private dataset, vector store, or model checkpoint is staged.
 - Confirm no filled project context, backend map, internal architecture, private threat model, deployment topology, database internals, penetration-test report, or security runbook is staged for a public repository.
+- Confirm no downstream installed APCP operating file or generated context bundle is staged unless sanitized publication was explicitly approved.
+- If public GitHub should not reveal AI workflow filenames, confirm APCP rules live in `.git/info/exclude` or a private global excludes file instead of committed `.gitignore`.
 - Confirm `.env.example` is staged/tracked when config changed.
 - Confirm migrations are tracked when schema changed.
 - Confirm lockfiles are tracked when dependencies changed.
@@ -1212,13 +1247,14 @@ AI prompt:
 
 ```text
 Perform a pre-push gitignore audit.
-1. Read `.gitignore`.
+1. Read `.gitignore` and, when relevant, `.git/info/exclude`.
 2. Read `git status --short`.
 3. Inspect staged and unstaged file names.
-4. Identify any secrets, environment files, local DBs, dumps, generated builds, customer exports, AI vector stores, model checkpoints, logs, crash dumps, private project context, backend maps, internal architecture docs, private threat models, deployment topology maps, or domain-sensitive data that should not be committed.
+4. Identify any secrets, environment files, local DBs, dumps, generated builds, customer exports, AI vector stores, model checkpoints, logs, crash dumps, downstream installed APCP operating files, generated context bundles, private project context, backend maps, internal architecture docs, private threat models, deployment topology maps, or domain-sensitive data that should not be committed.
 5. Identify any important source/config files that are accidentally ignored.
-6. Provide exact remediation commands, but do not run destructive commands without approval.
-7. State whether the repository is safe to push.
+6. If public GitHub should not reveal AI workflow filenames, prefer local exclude remediation over committed `.gitignore` changes.
+7. Provide exact remediation commands, but do not run destructive commands without approval.
+8. State whether the repository is safe to push.
 ```
 
 ---
@@ -1334,6 +1370,7 @@ Every delivery report should include a `.gitignore` section:
 Gitignore and public exposure:
 - Workspace/domain:
 - .gitignore updated: yes/no
+- Local exclude used for APCP/AI workflow files: yes/no
 - Domain-specific blocks applied:
 - Files intentionally ignored:
 - Files intentionally kept tracked:
@@ -1371,6 +1408,7 @@ Before suggesting "push to GitHub", "package this", "send to the customer", or "
 - Does it block internal project context, backend maps, architecture maps, deployment maps, and private threat models?
 - Does it block secrets and private keys?
 - Does it block AI private context and vector stores?
+- If public GitHub should not reveal AI workflow files, are installed APCP files handled through local/private excludes instead of committed public ignore rules?
 - Does it avoid hiding files that must be tracked?
 - Were already tracked sensitive files checked?
 - Was a secret scan run?

README.md

@@ -11,7 +11,7 @@
 
 Use Nexus-APCP with **Claude Code, Cursor, ChatGPT, Gemini, GitHub Copilot, local LLMs, and multi-agent development workflows** to reduce context loss, repeated explanations, inconsistent code suggestions, and prompt bloat. It also gives teams a safe way to document AI tool and adapter differences without copying vendor system prompts into public repos.
 
-> Security note: protocol templates may be public, but filled project-context files, backend maps, internal architecture diagrams, deployment maps, database internals, private threat models, and security runbooks should stay local/private unless sanitized and explicitly approved.
+> Security note: protocol templates may be public in this Nexus-APCP source repository, but downstream product repositories should keep installed Nexus-APCP operating files local or in an approved private/cloud knowledge base by default. Filled project-context files, backend maps, internal architecture diagrams, deployment maps, database internals, private threat models, and security runbooks should stay local/private unless sanitized and explicitly approved.
 
 ## What Nexus-APCP Solves
 
@@ -31,7 +31,7 @@ AI-assisted software development gets slower when every new model, chat, IDE age
 - **Website backend security**: static-first backend rules help teams avoid unnecessary SQL/auth/API surface for portfolio, landing, and brochure sites while still supporting secure growth into dynamic features.
 - **User-requested update systems**: update-system fit checks help agents recommend a GitHub SemVer + zip-sync updater only when the project and user request make it appropriate.
 - **Emoji-free output**: `EMOJI_POLICY.md` bans emoji in repository files and AI-generated output, with a user-approved temporary exception only for missing button icons.
-- **Safer publishing**: domain-specific `.gitignore` guidance helps prevent secrets, internal maps, customer data, and generated context from leaking.
+- **Safer publishing**: domain-specific ignore and local-exclude guidance helps prevent secrets, internal maps, customer data, generated context, and downstream APCP operating files from leaking.
 
 ## Core Features
 
@@ -52,7 +52,7 @@ AI-assisted software development gets slower when every new model, chat, IDE age
 | Update System Recommendation Protocol | Guides AI agents to suggest a lightweight GitHub SemVer + zip-sync updater only when the user requests updates and the project profile fits. |
 | Debloat Application Guide | Guides ad-free, consent-aware, dependency-light application design with optional features and measurable performance checks. |
 | Emoji Policy | Bans emoji in repository content and AI output except user-approved temporary button icon placeholders. |
-| GitHub Safety Rules | Includes broad `.gitignore` patterns for AI artifacts, secrets, generated files, domain data, and private docs. |
+| GitHub Safety Rules | Includes broad ignore and local-exclude patterns for AI artifacts, protocol operating files, secrets, generated files, domain data, and private docs. |
 
 ## Quick Start
 
@@ -86,6 +86,8 @@ mkdir -p /your/project/scripts
 cp scripts/apcp-gather.py /your/project/scripts/
 ```
 
+For a downstream product repository, treat these copied files as local agent operating context by default. AI agents can read them from local paths, private cloud docs, or generated context bundles, but the public GitHub repository does not need to expose the AI workflow files unless you intentionally publish sanitized templates. If the public repo should not show these files, put the APCP paths in `.git/info/exclude` or a private global excludes file before any push; use a committed `.gitignore` block only when the public ignore rule itself is acceptable.
+
 Generate an AI-ready context package:
 
 ```bash
@@ -115,6 +117,11 @@ Git command rule:
 - Inspect files and folders directly first.
 - If Git state is truly needed, explain why and ask before running the command.
 
+Public repository rule:
+- Install Nexus-APCP files for local or approved private/cloud agent context by default.
+- Before any GitHub push, keep installed APCP files, generated context bundles, private task state, and internal maps out of the public repository unless I explicitly approve sanitized public templates.
+- Prefer `.git/info/exclude` or a private global excludes file when the public GitHub repo should not reveal local AI workflow files.
+
 Install these core files when available:
 - AI_PROJECT_CONTEXT_PROTOCOL.md
 - AI_MAIN.md
@@ -238,7 +245,7 @@ Yes. Nexus-APCP is model-agnostic and works with hosted assistants, IDE agents,
 
 ### Is filled project context safe to publish?
 
-Usually no. Filled project context can expose internal architecture, deployment topology, database internals, secrets, private prompts, or security assumptions. Publish sanitized templates, not private implementation maps.
+Usually no. Filled project context can expose internal architecture, deployment topology, database internals, secrets, private prompts, security assumptions, and local AI workflow details. In downstream product repositories, keep installed APCP operating files local or in approved private/cloud knowledge bases by default. Publish sanitized templates, not private implementation maps.
 
 ### Why use YAML for task tracking?
 

README_APCP_KIT.md

@@ -6,7 +6,7 @@
 
 ## KIT CONTENTS (4 Files)
 
-This kit consists of 4 core files. You should use them all together:
+This kit consists of 4 core files. You should use them all together as agent operating context. In downstream product repositories, keep installed Nexus-APCP files local or in an approved private/cloud knowledge base by default unless you intentionally publish sanitized templates.
 
 ### 1 **AI_PROJECT_CONTEXT_PROTOCOL.md** (Main Documentation)
 - **Size**: ~20 KB
@@ -104,6 +104,8 @@ nano TASK_PROGRESS.yaml
 
 Security rule: the filled `AI_PROJECT_CONTEXT_PROTOCOL.md` for a real project is private by default. It can expose backend structure, internal architecture, database internals, deployment topology, admin flows, private prompts, and security assumptions. Keep it local or in an approved private knowledge base unless you create a sanitized public version.
 
+Public repository rule: AI agents may read APCP files from local paths, private cloud docs, or generated context bundles, but public GitHub does not need to show the local AI workflow files. Use `.git/info/exclude` or a private global excludes file when those filenames should not appear in the public repository.
+
 ### Step 3: Create Helper Scripts (5 min)
 
 ```bash
@@ -114,20 +116,16 @@ Security rule: the filled `AI_PROJECT_CONTEXT_PROTOCOL.md` for a real project is
 # - scripts/apcp-gather.py (context automation)
 
 chmod +x scripts/*.sh
-git add scripts/
-git commit -m "chore: add APCP helper scripts"
 ```
 
-### Step 4: Commit to Git (2 min)
+### Step 4: Public Git Decision (2 min)
 
 ```bash
-# Commit sanitized templates/docs only. Keep filled AI_PROJECT_CONTEXT_PROTOCOL.md local/private by default.
-git add .gitignore
-git add docs/AI_ASSISTANT_PROMPT_TEMPLATES.md
-git add docs/SETUP_GUIDE.md
-git add docs/AI_PROJECT_CONTEXT_TEMPLATE.md  # optional sanitized template, not the filled private context
-git commit -m "docs: initialize APCP system for AI-assisted development"
-git push
+# Default for downstream product repos:
+# keep installed APCP operating files local/private and do not push them to public GitHub.
+
+# If public sanitized templates are intentionally approved, commit only those sanitized templates.
+# Do not commit filled project context, generated prompt bundles, private task state, or local AI logs.
 ```
 
 ### Step 5: First AI Session (10 min)

SECURITY.md

@@ -1,10 +1,11 @@
 # Security Policy
 
-Nexus-APCP is a public protocol kit, but real project context can be sensitive. Treat filled context files and generated AI context packages as private by default.
+Nexus-APCP is a public protocol kit, but real project context can be sensitive. Treat filled context files, generated AI context packages, and downstream installed APCP operating files as private by default unless sanitized publication is explicitly approved.
 
 ## Do Not Publish
 
 - Filled `AI_PROJECT_CONTEXT.md` files from real projects.
+- Installed Nexus-APCP operating files copied into downstream public product repositories, unless they are intentionally approved sanitized templates.
 - Backend maps, deployment maps, database internals, architecture-private docs, threat models, and security runbooks.
 - API keys, tokens, credentials, certificates, service-account files, `.env` files, and local config.
 - Customer data, logs, production exports, model weights, private prompts, or vector databases.