// storageGuard.js
const RESTRICTED_SUBSTRINGS = [
  'token','access','refresh','userid','user_id','user','profile','email','phone',
  'answers','interest','riasec','salary','ssn','auth'
];
function shouldBlock(key) {
  const k = String(key || '').toLowerCase();
  return RESTRICTED_SUBSTRINGS.some(s => k.includes(s));
}
function wrap(storage) {
  if (!storage) return;
  const _set = storage.setItem.bind(storage);
  storage.setItem = (k, v) => {
    if (shouldBlock(k)) {
      throw new Error(`[storageGuard] Blocked setItem(\"${k}\"). Sensitive data is not allowed in Web Storage.`);
    }
    return _set(k, v);
  };
}
export function installStorageGuard() {
  try { wrap(window.localStorage); } catch {}
  try { wrap(window.sessionStorage); } catch {}
}