# Security And Privacy

PolicyTrace is designed for document extraction workflows that may involve sensitive personal data.

## Public Demo Rules

- Use only synthetic or redacted PDFs.
- Do not commit real customer documents.
- Do not commit `.env` or API keys.
- Do not commit `output/`, session folders, debug artifacts, or generated extraction JSON from real documents.
- Rotate any key that was ever stored in a local file before publishing the repository.

## Secrets

Local development uses `.env`, which is ignored by git.

Production deployments should use platform secrets:

- Hugging Face Spaces: Space Secrets
- GitHub Actions: Repository Secrets
- Cloud platforms: managed secret stores

## Uploaded Files

The local API stores uploaded PDFs under `output/sessions/`. Session folders are deleted on startup when they are older than `pipeline.session_ttl_days`.

For production use, add authentication, stronger retention controls, audit logging, and external storage policies before accepting real documents.
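The startup cleanup described above can be sketched as follows. This is an added example, not PolicyTrace's own code: the function name `purge_expired_sessions`, the use of folder mtime as the age, and the symlink and non-positive-TTL handling are assumptions.

```python
import shutil
import time
from pathlib import Path

SECONDS_PER_DAY = 86400


def purge_expired_sessions(sessions_root, ttl_days, now=None):
    """Delete session folders under sessions_root older than ttl_days.

    Returns the sorted names of the folders removed. Age is taken from the
    folder's mtime (an assumption; the project may track age differently).
    """
    if ttl_days <= 0:
        # Refuse a zero or negative TTL instead of wiping every session
        # because of a configuration typo.
        raise ValueError("ttl_days must be positive")
    root = Path(sessions_root)
    if not root.is_dir():
        return []
    cutoff = (time.time() if now is None else now) - ttl_days * SECONDS_PER_DAY
    removed = []
    for entry in root.iterdir():
        # Skip symlinks and plain files: a link inside the sessions folder
        # could point outside it, and only real session folders are removed.
        if entry.is_symlink() or not entry.is_dir():
            continue
        if entry.lstat().st_mtime < cutoff:
            shutil.rmtree(entry)
            removed.append(entry.name)
    return sorted(removed)


if __name__ == "__main__":
    import os
    import tempfile

    # Constructed sample layout: one 10-day-old session and one new session.
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "output" / "sessions"
        (root / "old").mkdir(parents=True)
        (root / "new").mkdir()
        ten_days_ago = time.time() - 10 * SECONDS_PER_DAY
        os.utime(root / "old", (ten_days_ago, ten_days_ago))
        print(purge_expired_sessions(root, ttl_days=7))
```

Because the sweep runs only at startup, a long-running process keeps files past the TTL until the next restart, which is one reason the production note above asks for stronger retention controls.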