OpenTag routes chat requests to local or remote agent runtimes. Treat every runtime as privileged automation.
- Start with the
mockruntime. - Use read-only runtime configurations first.
- Put write-capable runtimes behind
requireApprovalForWriteAccess. - Never expose Slack tokens, Codex keys, Anthropic keys, or runtime credentials to untrusted repositories or public channels.
- Run write-capable runtimes inside an isolated container or CI worker.
- Review
.opentag/data/audit.ndjsonregularly.
Do not commit real values for:
SLACK_BOT_TOKEN
SLACK_APP_TOKEN
SLACK_SIGNING_SECRET
SLACK_USER_TOKEN
OPENTAG_ADMIN_TOKEN
OPENAI_API_KEY
ANTHROPIC_API_KEY
Keep ~/.opentag/.env local. Use examples/env.example and documentation placeholders such as xoxb-..., xapp-..., and change-me.
Before committing screenshots, redact visible app IDs, client IDs, client secrets, signing secrets, verification tokens, workspace-private data, user information, and channel content. Screenshots in docs/pic/ are only for setup tutorials and must remain sanitized.
The detailed Slack setup tutorials live in docs/user-guide/01-install.md and docs/user-guide/01-install.zh-CN.md. Keep screenshots there instead of embedding long setup flows in the root README.
Open an issue with reproduction details and affected runtime/gateway. Do not include secrets or real customer data.