Export policy
How WorkCheats decides whether workspace content can be exported.
Export rules in WorkCheats depend on where content came from and whether your workspace is allowed to export that content type. Both checks are enforced server-side — editing content in the UI does not bypass policy by itself.
This page explains user-facing export boundaries. It does not describe live production billing or payment checkout.
Two separate checks
| Check | Question it answers |
|---|---|
| Item export policy | Is this specific item's provenance eligible for re-export? |
| Export entitlement | Does your workspace account have the product feature to export this kind of content? |
Both must pass for a typical package or file export to succeed. Restricted provenance blocks export even when you have edited the item extensively.
During closed beta, export entitlement may come from grants or overrides — not from package JSON and not from ordinary in-app editing.
Provenance-based export policy
Export policy looks at content source type (and sometimes original source lineage):
| Provenance (user-facing) | Typical export rule |
|---|---|
| User-created in WorkCheats | May be exportable if entitlement allows |
| User import (Import Center) | May be exportable if entitlement allows |
| Marketplace-installed copy | Blocked — even if you edited the item |
| Starter content | Blocked |
| Installed pack lineage | Blocked |
| System-owned content | Blocked |
| Unknown or missing provenance | Blocked |
Editing Marketplace-installed or starter content does not restore export rights. Ownership and export eligibility stay tied to provenance.
If lineage shows a restricted original source (for example, content that started as a Marketplace copy), export may remain blocked even when the current label looks user-created.
What users see when export is blocked
The app may show a generic message such as Export not allowed for this item. The underlying reason is provenance or missing export entitlement — not a bug in your edits.
Common situations:
- Exporting a workflow, template, or command you installed from Marketplace
- Exporting starter-pack content
- Exporting when your workspace lacks the export feature for that content type during beta
Export formats (when allowed)
Depending on content type and policy, exports may include:
| Content | Typical formats |
|---|---|
| Library commands | WorkCheats Package v1 |
| Workflows | Legacy JSON and/or Package v1 |
| Templates | JSON, Markdown, Package v1 |
| Field presets | Package v1 |
| Reports | JSON manifest, raw Markdown, PDF (active reports only — see Reports lifecycle) |
Exported files may contain sensitive operational text. Protect downloads according to your organisation's data classification rules.
Marketplace and Import Center interaction
| Path | Trust at intake | Typical export after intake |
|---|---|---|
| Marketplace install | Server-side trusted copy | Often export-blocked by provenance |
| Import Center upload | Always untrusted; validated by you | May be exportable if imported provenance is eligible and entitlement allows |
Uploading the same JSON through Import Center does not make Marketplace-installed content exportable. Installed and uploaded paths remain separate.
Package JSON cannot grant export rights
User-created export packages and uploaded import packages must not include:
- Billing, Stripe, subscription, coupon, or entitlement-grant fields
- Trusted-origin, publication, or unlock declarations
- Secrets, tokens, storage paths, or signed URLs
Export permission is decided by server policy on workspace rows — not by fields inside package JSON.
Related docs
- Import & Export — Import Center flow and Package v1 basics
- Marketplace — trusted install path
- Starter packs — recommendations and install boundaries
- Security & Responsible Use — safe handling of exports and untrusted imports
- Templates lifecycle — template export guards including archived templates

