Security Guidelines π API Key Management β Never commit API keys to Git: Firecrawl API keys AWS credentials Any secret tokens β Use environment variables: # Copy template cp .env.example .env # Add your keys FIRECRAWL_API_KEY=your_actual_key_here AWS_ACCESS_KEY_ID=your_aws_key β For production: Use AWS Secrets Manager Use IAM roles instead of access keys Enable MFA on AWS accounts π‘οΈ Best Practices Rotate keys regularly Use least privilege IAM policies Monitor API usage Enable CloudTrail logging π¨ If keys are exposed: Immediately revoke the compromised keys Generate new keys Update all applications Review access logs