Always keep a quick rollback script ready, a kill‑switch in a hidden branch and logs that point straight to the source. I never bother with a spreadsheet, just a few lines in my repo and a mental map of where every key lives. If the breach hits, you drop the script, lock the creds, and walk out before the cops get a chance to trace you. That's the gut reaction, but it’s built on a solid, lean plan.