This project uses local Discord bot tokens and a Gemini API key.
Before committing or sharing the project, run:
py scripts\secret_scan.pyThe scanner checks the working tree and reachable Git history. It prints only file names, line numbers, and pattern names; it should not print secret values.
Local-only files that must not be committed:
bot_tokens.jsongemini_token.txttoken.txt.env.bot.lockagent_memory.sqlite3*pfps/
Use bot_tokens.example.json as the safe template for bot-token config.
If a Discord token or Gemini key is pasted into chat, committed, pushed, or exposed in a screenshot, rotate it before treating the project as safe.