diff --git a/apps/web/src/lib/public-security-redaction.ts b/apps/web/src/lib/public-security-redaction.ts
index 8df62996..e2c19348 100644
--- a/apps/web/src/lib/public-security-redaction.ts
+++ b/apps/web/src/lib/public-security-redaction.ts
@@ -113,10 +113,6 @@ function hasUnsafePublicIdentifier(value: string): boolean {
   const normalized = value.toLowerCase();
   return (
     RAW_REPOSITORY_IDENTIFIER_RE.test(value) ||
-    normalized.includes("owen" + "hytsai") ||
-    normalized.includes("nexu" + "-io") ||
-    normalized.includes("blocked" + "_waiting_") ||
-    normalized.includes("blockers" + "=") ||
     normalized.includes("github.com")
   );
 }
diff --git a/scripts/security/security-mirror-progress-guard.py b/scripts/security/security-mirror-progress-guard.py
index 04343ce4..96429afc 100755
--- a/scripts/security/security-mirror-progress-guard.py
+++ b/scripts/security/security-mirror-progress-guard.py
@@ -418,6 +418,12 @@ def validate(root: Path) -> None:
         assert_text_not_contains(label, text, forbidden)
     assert_text_not_contains("public_security_redaction.owner_namespace_literal", public_security_redaction, "owenhytsai")
     assert_text_not_contains("public_security_redaction.external_namespace_literal", public_security_redaction, "nexu-io")
+    assert_text_not_contains(
+        "public_security_redaction.internal_blocked_waiting_literal",
+        public_security_redaction,
+        "blocked_waiting_",
+    )
+    assert_text_not_contains("public_security_redaction.internal_blockers_literal", public_security_redaction, "blockers=")
 
     manifest_count = manifest["contract_count"]
     readiness_summary = readiness["summary"]