mcp-adr-analysis-server

# GitHub Push Protection Bypass Instructions ## Issue GitHub's push protection is detecting a Twilio Account SID in the commit history that has been fixed but still appears in previous commits. ## The Secret The detected string was a **test placeholder** in `tests/utils/tree-sitter-analyzer.test.ts` and is **NOT a real secret**. It has been replaced with a safe placeholder pattern. ## Safe to Bypass This detection is a **false positive** because: 1. The string was test data, not a real Twilio Account SID 2. It has been properly replaced with a placeholder 3. The commit contains security improvements including proper secret scanning ## Bypass Instructions To push these security improvements, use the GitHub URL provided in the error message: 1. Visit the URL provided by GitHub (appears in git push error) 2. Click "Allow secret" since this is a false positive 3. The string will be allowlisted for this repository 4. Push will proceed normally ## Future Prevention The implemented gitleaks configuration and pre-commit hooks will prevent real secrets from being committed in the future. ## Security Verification ✅ Real secret scanning implemented with gitleaks ✅ Pre-commit hooks block actual secrets ✅ Test data uses safe placeholder patterns ✅ Documentation updated to avoid triggering false positives