Use starts_with for segment matching in check_file_secrecy; remove is_bot from IMPLEMENTATION.md

Agent-Logs-Url: https://github.com/github/gh-aw-mcpg/sessions/c2a17f9e-44f8-498b-8dcd-40290a4119c3

Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>

Author: Copilot

guards/github-guard/docs/IMPLEMENTATION.md

@@ -111,20 +111,6 @@ pub fn is_verified_contributor(username: &str, owner: &str, repo: &str) -> bool
 
 Uses `search_pull_requests` with query: `author:X repo:Y is:merged`
 
-### Bot Detection
-
-Known bots receive approved-level integrity (with unapproved floor):
-
-```rust
-pub fn is_bot(username: &str) -> bool {
-    lower.ends_with("[bot]")
-        || lower.ends_with("-bot")
-        || lower == "dependabot"
-        || lower == "renovate"
-        || lower == "github-actions"
-        || lower == "copilot"
-}
-```
 
 ## Project Structure
 

guards/github-guard/rust-guard/src/labels/tool_rules.rs

@@ -682,7 +682,7 @@ fn check_file_secrecy(
 
     // Check for sensitive file extensions/names
     for pattern in SENSITIVE_FILE_PATTERNS {
-        if path_lower.ends_with(pattern) || path_lower.split('/').any(|seg| seg == *pattern) {
+        if path_lower.ends_with(pattern) || path_lower.split('/').any(|seg| seg.starts_with(*pattern)) {
             return policy_private_scope_label(owner, repo, repo_id, ctx);
         }
     }