Your .gitignore Won't Protect You From AI Agents
We often assume that adding files to .gitignore or .geminiignore is enough to keep them private. When it comes to local AI agents, that assumption is dangerously wrong. These ignore files are for version control and file search indexing, not a security shield. An AI assistant with access to your local environment can easily read any file, regardless of your ignore settings. A Simple, Scary Test Let’s prove it. Imagine you have a project with a simple .env file: ...