fffiloni · Upload 4 files · 9c6bd0f verified

Security Notes

Token model

The orchestrator authenticates users with Hugging Face OAuth. Do not store a global, admin-level HF_TOKEN as a Space secret: every action runs with the signed-in user's own token and therefore with that user's permissions only.

The user's OAuth token is passed to HF Jobs as a secret named HF_TOKEN. The worker must never write it to the Bucket, traces, reports, generated files, or logs (including exception messages and environment dumps that end up in any of those).

Resource ownership

Generated Spaces are created only in the signed-in user's namespace and are private by default.

The validation workflow is likewise limited to Spaces under the signed-in user's namespace; it will not validate Spaces owned by other users or organizations, even if the token happens to have access to them.
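The namespace check behind both statements above, as an added example rather than the app's own code. The function names, the repo-id regex (a conservative approximation of Hub naming rules) and the exact, case-sensitive namespace comparison are assumptions; the create kwargs mirror the keyword names huggingface_hub's create_repo accepts, but no network call is made here.

```python
import re

# Conservative approximation of Hub repo-id rules: exactly one "/", both parts
# starting with an alphanumeric character. Anything else is rejected outright.
REPO_ID_RE = re.compile(
    r"^(?P<namespace>[A-Za-z0-9][A-Za-z0-9._-]*)/(?P<name>[A-Za-z0-9][A-Za-z0-9._-]*)$"
)


class OwnershipError(ValueError):
    """Raised when a target Space is outside the signed-in user's namespace."""


def require_user_namespace(repo_id: str, signed_in_user: str) -> str:
    """Return repo_id if it is '<signed_in_user>/<name>'; raise OwnershipError otherwise.

    Bare names ('my-space') are rejected rather than silently prefixed, and
    org-owned or other users' namespaces are rejected even when the OAuth token
    would technically have write access to them. The comparison is exact and
    case-sensitive on purpose: an allowlist should not be lenient.
    """
    m = REPO_ID_RE.fullmatch(repo_id.strip())
    if m is None:
        raise OwnershipError(f"invalid or unqualified repo id: {repo_id!r}")
    if m.group("namespace") != signed_in_user:
        raise OwnershipError(
            f"{repo_id!r} is not under the signed-in user's namespace {signed_in_user!r}"
        )
    return m.group(0)


def is_rejected(repo_id: str, signed_in_user: str) -> bool:
    """Convenience predicate: True when require_user_namespace refuses the target."""
    try:
        require_user_namespace(repo_id, signed_in_user)
    except OwnershipError:
        return True
    return False


def space_create_kwargs(repo_id: str, signed_in_user: str, sdk: str) -> dict:
    """Build creation arguments for a generated Space; 'private' is always True.

    There is deliberately no parameter to flip privacy here: publication is a
    separate, user-driven step and never part of generation.
    """
    return {
        "repo_id": require_user_namespace(repo_id, signed_in_user),
        "repo_type": "space",
        "space_sdk": sdk,
        "private": True,
    }


if __name__ == "__main__":
    # Constructed inputs; in the app the username would come from the OAuth profile.
    print(space_create_kwargs("alice/demo-space", "alice", "gradio"))
    for bad in ("bob/demo-space", "demo-space", "alice/demo/extra", "Alice/demo"):
        print(bad, "->", "rejected" if is_rejected(bad, "alice") else "allowed")
```

The same predicate gates the validation job: validate only targets that pass require_user_namespace for the user whose token the job runs with.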

Hardware

Hardware assignment is best-effort. GPU upgrades may involve billing and may fail when requested through the OAuth token. The supported fallback is for the user to select the hardware manually in the Space settings and then run a separate validation job.

Traces

Pi traces can contain prompts, tool outputs, file paths, generated code, and other potentially sensitive information. Raw traces should remain private. Redaction is best-effort and must not be treated as a formal data-loss-prevention control; treat anything in a trace as potentially sensitive.
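A best-effort scrubber of the kind the two notes above call for (the token-model rule that HF_TOKEN never reaches logs or traces, and the trace-redaction caveat), written as an added example and not taken from the app. The patterns are assumptions: Hugging Face user access tokens start with "hf_", the 20-character floor avoids matching short identifiers, and the Authorization/HF_TOKEN= patterns cover captured HTTP headers and environment dumps. Exact known values are scrubbed first so a secret that does not look like an hf_ token is still caught; exception tracebacks and binary artifacts are not covered, which is exactly why the page calls this best-effort.

```python
import logging
import os
import re

# Assumed token shapes (added example, not the project's own redaction rules).
HF_TOKEN_RE = re.compile(r"hf_[A-Za-z0-9]{20,}(?![A-Za-z0-9])")
BEARER_RE = re.compile(r"(?i)(authorization:\s*bearer\s+)[^\s\"']+")
ENV_ASSIGN_RE = re.compile(r"(?i)(HF_TOKEN\s*[=:]\s*)[^\s\"']+")
REDACTED = "[REDACTED]"


def redact(text: str, known_secrets: tuple = ()) -> str:
    """Scrub exact known secret values first, then token-shaped patterns.

    Exact-value scrubbing catches secrets that do not look like hf_ tokens (for
    example the value injected through the HF_TOKEN job secret); the regexes
    catch tokens that leaked in from elsewhere (tool output, captured HTTP).
    """
    for secret in known_secrets:
        # Never scrub empty or very short values: that would mangle ordinary text.
        if secret and len(secret) >= 8:
            text = text.replace(secret, REDACTED)
    text = HF_TOKEN_RE.sub(REDACTED, text)
    text = BEARER_RE.sub(r"\g<1>" + REDACTED, text)
    text = ENV_ASSIGN_RE.sub(r"\g<1>" + REDACTED, text)
    return text


def contains_secret(text: str, known_secrets: tuple = ()) -> bool:
    """Pre-write gate for the Bucket/report writer: True if redact() would change the text."""
    return redact(text, known_secrets) != text


class RedactingFilter(logging.Filter):
    """logging.Filter that rewrites each record's message before any handler sees it."""

    def __init__(self, known_secrets=()):
        super().__init__()
        self.known_secrets = tuple(known_secrets)

    def filter(self, record: logging.LogRecord) -> bool:
        # Format first so %-style args are scrubbed too, then drop the args so
        # the already-formatted message is not formatted a second time.
        record.msg = redact(record.getMessage(), self.known_secrets)
        record.args = ()
        return True


def scrub_log_message(msg: str, *args, known_secrets=()) -> str:
    """Run one message through RedactingFilter and return what a handler would see."""
    record = logging.LogRecord("worker", logging.INFO, "worker", 0, msg, args, None)
    RedactingFilter(known_secrets).filter(record)
    return record.getMessage()


# Constructed sample trace; the token and secret values are made up.
SAMPLE_TRACE = """\
[tool] run: huggingface-cli login --token hf_AbCdEfGhIjKlMnOpQrStUvWxYz0123456789
[http] Authorization: Bearer hf_AbCdEfGhIjKlMnOpQrStUvWxYz0123456789
[tool] wrote /home/user/app/config.py
[env] HF_TOKEN=super-secret-value-from-env
"""
SAMPLE_SECRET = "super-secret-value-from-env"

if __name__ == "__main__":
    # In the worker the known secret is the job's own HF_TOKEN environment variable;
    # the constructed value is used here so the example runs offline.
    secrets = (os.environ.get("HF_TOKEN", "") or SAMPLE_SECRET,)
    print(redact(SAMPLE_TRACE, secrets))
    print("safe to write:", not contains_secret(redact(SAMPLE_TRACE, secrets), secrets))
```

Attach RedactingFilter to the worker's root handler at startup and run contains_secret over every file before it is uploaded to the Bucket; a positive result should abort the write, not merely warn.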

Publication

The app never publishes generated Spaces automatically. Before making a generated Space public, users should review the generated code, the license requirements of the models and dependencies it uses, and the validation results.