# Temporary SSH and Server Safety Rules

Temporary Codex access is authorized only for the Affiliate Finder tool at:

/home/reseller/public_html/tools/

Allowed task scope:
- Inspect Affiliate Finder files.
- Upload/update affiliate-finder.html and affiliate-finder-api.php.
- Run the Affiliate Finder URL/email discovery batch only for the verified GREEN list.
- Use API keys only by variable/constant name from /home/reseller/config.php.
- Never print, copy, export, or log secret values.

Hard limits:
- Do not touch other sites, WordPress files, databases, cPanel config, SSH config, firewall, mail config, or unrelated directories.
- Do not use sudo.
- Do not change permissions recursively.
- Do not delete files recursively.
- Do not install packages.
- Do not restart services.
- Do not display config.php contents.
- Do not run Hunter/FindyMail/ScraperCity paid lookups in bulk until a small Serper URL test is reviewed first.

Working method:
- Start with hostname, whoami, pwd.
- Work only in /home/reseller/public_html/tools/.
- Back up affiliate-finder.html and affiliate-finder-api.php before replacing them.
- Log write actions in /home/reseller/public_html/tools/codex-session-log.txt.
- First test only 3 to 5 records before any larger batch.
- Report every changed file and every API batch count.
