# Data Generator by OzCrypt Known Limitations Date: 2026-06-06 This document describes current launch limitations for Data Generator by OzCrypt. It is not a security audit, accessibility certification, compliance certification, curriculum certification, professional review, or legal review. ## Launch Scope - The product is ready for public use with the limitations below, not a final enterprise-certified release. - Some long-tail tools are usable MVPs and will continue improving after launch. - A final human visual pass is still recommended before broad public promotion, especially at desktop, 360px, 390px, and 768px widths. - Real browser downloads, file picker import/export, copy actions, and very slow job cancel flows should receive one manual confirmation pass on the deployed host. ## Local-First Platform Limits - Local-first only: no signup, server-side project sync, team workspace, login, backend job runner, database, or cloud storage. - No server upload is used by the standalone build unless a user manually copies, downloads, exports, imports, or shares content outside the browser. - Optional basic usage analytics can be enabled in Full Settings. It is off by default and is not part of generation/export, but if enabled it may contact Google Analytics for high-level app usage events. - The in-app Privacy, Safety & Limitations page is an informational launch summary, not formal legal terms or compliance advice. - Privacy, cookie, analytics, data protection, education, healthcare, finance, and legal requirements vary by country and region. Site owners and users remain responsible for reviewing suitability for their use case and jurisdiction. - Browser memory and CPU limits apply to large generation jobs. - Full code-splitting/bundling is not implemented yet; the current standalone build still eagerly loads many scripts for offline reliability. - Offline/PWA behavior depends on browser service-worker support and first-load cache success. - Clean non-hash routes depend on the deployment host serving the app shell internally. ## Tool Coverage - Not every generator supports setup-sharing URLs yet. - Not every generator supports preset JSON import/export yet. - Not every generator pushes rich output cards into Output & Jobs yet. - Some tools still need deeper field-level validation, examples, accessibility polish, mobile polish, or output polish before being considered release-complete. - Some wizard/stepper controls are implemented as buttons rather than a fully normalized ARIA stepper pattern. ## Output and Storage - Generated output should be reviewed before use in real systems. - Large output previews are capped intentionally. - Full large outputs should be downloaded/exported instead of relying on DOM previews. - Generated output kept in memory may be lost on refresh or browser close. - Local storage may contain preferences, recent tools, favorites, drafts, saved sessions, and presets; clear browser data when needed. - Password/secret-style generated values should not be stored automatically by default. - Analytics events are intentionally limited to high-level metadata. They do not provide detailed product diagnostics for generated content because user/generated data is excluded by design. ## Sharing and Presets - Setup links can expose values in browser history, screenshots, logs, and copied messages. - Sensitive parameter blocking is best-effort; users remain responsible for not entering secrets, tokens, private keys, real personal data, customer data, or confidential configuration into shareable links. - `run=1` is governed by tool contracts and may be blocked by validation or row limits. - Very large configurations should use preset JSON export/import instead of long URLs. ## Salesforce, Database, API, and Developer Outputs - No Salesforce login, metadata fetch, or Salesforce API connection is included. - Salesforce object/field/RecordType/OwnerId examples must be reviewed against the target org. - Database tools do not connect to databases and do not execute SQL. - SQL parsing supports practical starter patterns, not every dialect feature. - API mock outputs, curl snippets, webhook examples, config files, Docker-style snippets, and generated scripts use placeholders and must be reviewed before use. - Generated secrets/placeholders are examples only and should not be treated as real credentials. ## Safety Boundaries - Generated data is synthetic/test-only unless the user supplies their own content. - Identity/card/badge/mock output must not be used for impersonation, identity verification, access control, or real-world proof of identity. - Mock cards/badges must visibly show SAMPLE / NOT A REAL ID / FOR TESTING ONLY where relevant. - Data Generator by OzCrypt is not an official document generator and does not create government IDs, passports, driver licences, national IDs, medical cards, or real identity documents. - Health, fitness, legal, financial, and education outputs are sample/template/test-only and are not professional advice, legal advice, medical advice, financial advice, official compliance material, or curriculum certification. - Data masking/synthetic replacement helpers are testing aids only and are not certified anonymization or compliance tools. - Legal placeholder documents, nutrition-style labels, healthcare appointment data, invoice/receipt samples, and domain-specific sample documents should receive additional human product/legal/subject-matter review before being promoted beyond sample/test use. - API, webhook, calendar, travel, real estate, marketing, and weather-like outputs are generated examples only and do not send messages, call APIs, book events, or represent live external data. ## Accessibility and Mobile - Core shell accessibility and mobile/touch behavior have been hardened, but no formal WCAG certification is claimed. - Some individual generator forms may still need deeper `aria-describedby` and screen-reader review. - Advanced tables/forms can still feel dense on small screens; horizontal scrolling is used where preserving columns is clearer than squeezing content. ## Documentation - Public docs use Data Generator by OzCrypt naming. - Historical audit files may retain old internal names and are considered internal/legacy records. - Internal compatibility globals and localStorage keys may still use legacy names for backward compatibility.