From d6aac1a40ae2166c9ec0561e975ae3c226cc254e Mon Sep 17 00:00:00 2001
From: EasterRobert <discussdg78578@gmail.com>
Date: Tue, 3 Feb 2026 17:27:20 +0100
Subject: [PATCH] docs: add security best practices for API keys

Include essential security tips to prevent users from accidentally exposing their private keys and credentials.
---
 README.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/README.md b/README.md
index b8be0e9b..38dd6581 100644
--- a/README.md
+++ b/README.md
@@ -6,6 +6,13 @@
 
 Typescript client for the Polymarket CLOB
 
+### Security Best Practices
+
+When using this client, please ensure:
+- Never commit your `API_KEY` or `PRIVATE_KEY` to public repositories.
+- Use environment variables (`.env` files) to store sensitive credentials.
+- Add `.env` to your `.gitignore` file immediately.
+  
 ### Usage
 
 ```ts