Intake Boundary
An intake boundary defines what data the public intake surface collects, what it does not, and how the surface enforces both. The current OmniLabs intake boundary keeps the surface at "email only" with no sensitive data, no internal-system disclosure, and no production endpoint; future intake boundaries will be defined explicitly before any endpoint is enabled.
Definition
An intake boundary names the fields the public form may collect, the fields it must not collect, the storage state at intake time, and the operator-side handling that follows. It is one of four operating boundaries — intake, consent, anti-spam, retention — that together define the data-handling posture of the public intake.
Why it matters
Without a documented intake boundary, the form surface accumulates fields and processors over time without explicit decisions. The current prototype intake stays inside a narrow boundary; production intake widens it deliberately, only after the boundaries are reviewed.