# Python
__pycache__/
*.py[cod]
*$py.class
*.so
.Python
build/
dist/
*.egg-info/
*.egg
.venv/
venv/
env/

# Environment — secrets only (.env is committed as non-sensitive config)
.env.secrets
.env.local
.env.staging
.env.production
credentials.json

# Task management (contains historical sensitive references)
.taskmaster/

# IDE
.vscode/
.idea/
*.swp
*.swo
*~

# OS
.DS_Store
Thumbs.db

# Node (frontend)
node_modules/
.next/
out/

# Testing
.coverage
htmlcov/
.pytest_cache/

# Docker
docker-compose.override.yml

# Logs
logs/

# Task-master
.task-master/
.taskmaster/

# Claude Code (settings may contain sensitive operational details)
.claude/
.playwright-mcp/

# Root-level screenshots (audit artifacts, not source)
/*.png
/Screenshot*
/docs/screenhots/

# Xcode
*.xcodeproj/
*.xcworkspace/
xcuserdata/
DerivedData/
*.ipa
*.dSYM.zip
*.dSYM

# Project instructions (contains sensitive operational details)
CLAUDE.md

# Security / credentials
*.pem
nginx/htpasswd

# Backup scripts (contain local path info)
scripts/backup-secrets.sh
scripts/com.agentgraph.backup.plist

# Generated data
data/
digest_history.json
MANUAL_TASKS.md

# Internal strategy docs (sensitive — not for public repo)
docs/internal/

# Internal docs and drafts (public repo — no strategy/internal docs)
docs/internal/

# OATR registration artifacts (already submitted)
agentgraph.json
agentgraph.private.pem
registry/

# MCP registry tokens
.mcpregistry_*

# MCP publisher binary
mcp-publisher
