# Security Notes

Powered by 4P3X Intelligent AI™ Created by Kyzel Kreates™

This build is local-first and designed for authorised school/owner/admin use.

## Safe boundaries

- No stealth monitoring.
- No credential harvesting.
- No packet interception.
- No security bypassing.
- No hidden device control.
- No camera, microphone, location, browsing-history or screen-recording collection by the NetworkWatch™ layer.
- NetworkWatch™ is a manual registry and authorised heartbeat/API status layer only.

## Secrets

Do not put private API keys, passwords, service-role keys or backend secrets in client files. Use environment variables and a server-side/local bridge for sensitive integrations.

## Local owner code

The LocalCore™ owner/admin code is stored locally as a browser-side hash for casual admin gating. It is not a replacement for operating-system login, school identity management, device management or server-side authentication.

## Deployment guidance

- Keep source repositories private.
- Deploy static/compiled builds only.
- Do not ship source maps in public production builds unless required for internal debugging.
- Keep demo data separate from live/local data.
