[ SECURITY_PROTOCOL_V1.0 ] [ SECURITY_PROTOCOL ]

All client repositories are analyzed within isolated, air-gapped forensic environments. The working set is mounted on volatile, memory-backed storage (RAM disk/tmpfs) and processed inside a network-isolated container (no egress).

• • NO cloud-based IDEs are used.
• • NO code is pasted into public LLMs (ChatGPT/Claude).
• • Analysis is performed using local static analysis tools and self-hosted models.
• • Session data is destroyed on teardown; no client repository is retained after engagement closeout.

Upon delivery of the Final Artifact (or 48 hours after project termination), the following sequence is executed:

1. 1. The forensic environment is dismantled and access is revoked.
2. 2. The volatile workspace (RAM disk/tmpfs) is detached/unmounted, destroying the working set.
3. 3. A destruction ledger entry is recorded as an operational attestation.
4. 4. If persistent storage is ever used for an exception case, sanitization procedures follow NIST SP 800-88 Rev. 1 and are documented in the engagement log.

A destruction attestation is recorded in the engagement log.

All client engagements will be governed by a strict Mutual Non-Disclosure Agreement (NDA).

• • Standard engagements are governed by NDA and MSA/SOW templates.
• • Professional Liability Insurance (E&O) is maintained or obtained prior to executing covered engagements.
• • Zero retention of IP rights (guaranteed via MSA).
• • Legal instruments are reviewed and maintained as part of the engagement process.

In the event of a security anomaly:

• • EMAIL: miguel.ingram.research@gmail.com
• • PGP KEY: 2A55 89CB 674A 52C6