The plain answer to "morph records everything; what happens when I share it?" — without hand-waving, without false comfort.

1. docs/SECURITY.md (new, ~280 lines).
   - "What morph records, said plainly" — verbatim prompts and responses, every tool call (read() returns the file contents the agent saw), every shell stdout/stderr, every edit, env, model id, token counts.
   - "Where it lives" — .morph/ on disk, never tracked by git (auto-excluded), not encrypted at rest (same posture as Claude/Cursor/OpenCode on-disk transcripts; use disk encryption).
   - "What crosses the wire when" — git push (code only, physically cannot include traces) vs morph push (opt-in, separate channel, sends everything reachable). Drawn as a two-channel diagram.
   - Recommended team setup, before-you-share checklist, and a brittle "I leaked a secret into a trace" recipe that collapses into `morph forget <hash> --remote <name>` once v0.41.0 ships.…