codex-agent-repository-kit/profiles/electron.md

Electron Profile

Use when the repository builds an Electron desktop app.

Security Expectations

Check for:

contextIsolation: true
nodeIntegration: false
sandbox: true when compatible
webSecurity: true
allowRunningInsecureContent: false

Avoid:

eval
shell.openExternal without allowlist
unsafe navigation
unvalidated IPC writes

Release Notes

Document:

• installer artifact,
• portable artifact if available,
• signing status,
• SmartScreen/Defender limitations,
• whether secrets or user files stay local.

Common Artifacts

release/*.exe
release/*.blockmap
release/*.yml