# OrbitWard Agent Notes

OrbitWard should be built incrementally. Keep the first release focused on a secure monitoring appliance with guided setup, website monitoring, alerts, and notifications.

## Product Guardrails

- Do not show raw SNMP OIDs in the normal UI.
- Keep monitoring separate from alerting.
- Use friendly names, profiles, and guided setup instead of raw configuration.
- Do not include LANCache in product scope.
- Avoid building full NMS features before the v0.1 vertical slice is stable.

## Engineering Guardrails

- Never commit or push changes without explicit user approval for that specific commit/push.
- Python backend: FastAPI, SQLAlchemy, Alembic, Pydantic.
- Frontend: React, TypeScript, Vite, Tailwind.
- Deployment: Docker Compose first.
- Authentication must exist from the beginning.
- Store secrets encrypted at rest before real credential storage is enabled.
- Never log secrets or return saved secret values after creation.