Skip to content

Ingestion safety: write-time exclusion and redaction controls #44

New issue
New issue
Open
Open
Ingestion safety: write-time exclusion and redaction controls#44
Labels
area:securityAuthentication, secrets, and security hygiene.kind:featNew capability or product behavior that is not primarily a refactor or cleanup.theme:provenanceEvidence, citations, lineage, and explainability.
@aurexav

Description

@aurexav
aurexav
opened on Feb 16, 2026

Summary

Provide API-level write-time exclusion and redaction controls for sensitive content.

Why

Privacy/exclusion policy should be explicit and verifiable at ingestion time, not only handled by upstream callers.

Scope

  • Add request-level exclusion controls for ingest endpoints:
    • explicit exclusion spans/fields
    • optional redaction transforms before persistence
  • Persist policy decision metadata for auditing.
  • Add verification endpoint/fields to confirm excluded content was not stored.

Acceptance Criteria

  • Sensitive segments marked for exclusion are provably absent from persisted note content.
  • Redaction/exclusion actions are visible in audit metadata.
  • Default behavior remains backward-compatible when controls are omitted.

Related

Metadata

Metadata

Assignees

No one assigned

    Labels

    area:securityAuthentication, secrets, and security hygiene.kind:featNew capability or product behavior that is not primarily a refactor or cleanup.theme:provenanceEvidence, citations, lineage, and explainability.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions