__pycache__/
*.py[cod]
.venv/
.env
.DS_Store

# Runtime data — never commit
data/*.jsonl
data/*.json
data/*.db
data/*.db-shm
data/*.db-wal
data/*.md
data/archive/
!data/.gitkeep

# Sensitive — operational IP, personal data, security audits
CLAUDE.local.md
IDENTITY.md
config/provision.json
config/vault.json

# MCP registry publishing — private keys must never be committed
# (the public auth file at frontend/.well-known/mcp-registry-auth IS safe to commit)
*.pem
key.pem
.mcp-private-key.local
*.local
roster/
grandopening/
specs/
experiments/
governance-cache/
reference/DEPLOY_Pricing_Architecture_v2.md
.claude/
.specify/

# Incoming drop zone — local-only workspace for cross-session communication
incoming/

# Infrastructure
vault/
forks/
reports/
.playwright-mcp/
.deric/
.railway/
.vercel
.vscode/
uagents_core.log
data/provision.json.lock
