# Provider and external-action gates

These actions require explicit Marius approval before execution:

- creating provider accounts or projects;
- paid resources or subscriptions;
- live secrets or real client data;
- production deploy or production DNS;
- payments, email sending, newsletters or webhooks;
- analytics/tracking beyond a safe preview;
- public launch of client/business photos or legal claims;
- private hosted preview if a provider project/account must be created;
- remote iMac UI/social visual worker tasks when they are not necessary for
  the confirmed local implementation scope;
- Proxmox guest creation when the capacity gate blocks or is unavailable;
- Proxmox deletion, network exposure, snapshot/restore, service installation on
  existing guests or destructive infrastructure change.

Approval scopes are separate. Local implementation approval does not authorize
provider accounts, public launch, DNS, paid resources, production deploy,
public media launch, iMac worker tasks or Proxmox work outside the standing
private capacity-gated sandbox policy.

## Project-specific gates for Pop Media Site

- Local implementation: not approved yet.
- Private preview: not approved yet; Vercel/managed preview can be proposed later.
- Public launch: not approved.
- Media public launch: not approved; public use of photos, logos, social screenshots and legal/commercial claims needs Florin/Marius approval.
- Contact actions: static mailto/phone/WhatsApp links are allowed after approval if the exact contact details are confirmed; live forms, newsletter capture and email sending are not in V1.
- Analytics/tracking: disabled for V1 unless Marius explicitly approves a privacy-safe setup.
- Social media: use public links only; no scraping, login automation or private social data.