diff --git a/.sensitive.example.json b/.sensitive.example.json
new file mode 100644
index 0000000..2d2b6a9
--- /dev/null
+++ b/.sensitive.example.json
@@ -0,0 +1,38 @@
+{
+    "google.com": {
+        "x_username": "whs.imnya.ng@gmail.com",
+        "x_password": "Vb1Mz9pgjY8JVs"
+    },
+    "accounts.google.com": {
+        "x_username": "whs.imnya.ng@gmail.com",
+        "x_password": "Vb1Mz9pgjY8JVs"
+    },
+    "naver.com": {
+        "x_username": "oauth-j93es",
+        "x_password": "whs31234"
+    },
+    "nid.naver.com": {
+        "x_username": "oauth-j93es",
+        "x_password": "whs31234"
+    },
+    "github.com": {
+        "x_username": "imnyang-bot",
+        "x_password": "6PuVXCH9tpQLNm"
+    },
+    "apple.com": {
+        "x_username": "",
+        "x_password": ""
+    },
+    "appleid.apple.com": {
+        "x_username": "",
+        "x_password": ""
+    },
+    "microsoft.com" :{
+        "x_username": "whs.imnya.ng@gmail.com",
+        "x_password": "WHS123987"
+    },
+    "login.microsoftonline.com" : {
+        "x_username": "whs.imnya.ng@gmail.com",
+        "x_password": "WHS123987"
+    }
+}
\ No newline at end of file
diff --git a/src/lib/llm/prompt/apple/__init__.py b/src/lib/llm/prompt/apple/__init__.py
new file mode 100644
index 0000000..ccd832f
--- /dev/null
+++ b/src/lib/llm/prompt/apple/__init__.py
@@ -0,0 +1,2 @@
+from lib.llm.prompt.apple.prompt import prompt
+from lib.llm.prompt.apple.model import model
diff --git a/src/lib/llm/prompt/apple/model.py b/src/lib/llm/prompt/apple/model.py
new file mode 100644
index 0000000..773f3a7
--- /dev/null
+++ b/src/lib/llm/prompt/apple/model.py
@@ -0,0 +1,6 @@
+from pydantic import BaseModel
+
+class model(BaseModel):
+    msg: str | None = None
+    status: str | None = None  # "success", "mfa_required", "apple_blocked", "sso_not_found", "login_page_not_found", "invalid_credentials"
+    final_url: str | None = None
diff --git a/src/lib/llm/prompt/apple/prompt.py b/src/lib/llm/prompt/apple/prompt.py
new file mode 100644
index 0000000..efd2546
--- /dev/null
+++ b/src/lib/llm/prompt/apple/prompt.py
@@ -0,0 +1,59 @@
+import os
+
+# Extended planner prompt
+prompt = f"""
+You are a web automation agent.
+
+Your task is to visit the given domain and perform a full login via the **Apple SSO button**, following all steps strictly as described below.
+
+▶ Target: Find a login page inside this domain that allows "Sign in with Apple", and use it to complete login via Apple.
+
+Instructions:
+
+1. If any cookie or privacy popups appear, dismiss or accept them.
+2. Navigate through the site's UI to find the **login or sign-in page** (e.g., via buttons like "Log In", "Sign In", "Get Started").
+    - Only follow links within the same domain.
+3. On the login page, look for a clearly labeled **Apple SSO button** — typically labeled as:
+    - "Continue with Apple"
+    - "Sign in with Apple"
+    - or a button with the Apple icon
+4. Click the **Apple login button**.
+    - ⚠️ The Apple login flow MUST open in a **new browser tab** (not a new window or popup).
+    - ❌ If the login opens in a new **window** or **popup**, do NOT continue. Immediately stop and return the appropriate status.
+5. Check if the user is **already logged in to Apple and immediately redirected back to the original site** without showing a Apple login screen.
+    - ✅ If so, treat the login as successful and return immediately.
+6. If redirected to the Apple login page:
+    a. If a **CAPTCHA**, complete it.
+    b. If a **MFA prompt**, or a request for **ID/password entry** appears, do NOT proceed - Immediately stop and return the appropriate status.
+    - If a **"Continue"**, **"Trust"**, **"Authorize"**, or **"Allow"** button is displayed, click it to grant consent.
+7. If login proceeds without interruptions, wait for redirection back to the original site and record the final URL.
+
+Credentials to use for Apple login:
+- Email: {os.getenv("APPLE_EMAIL", "")}
+- Password: {os.getenv("APPLE_PASSWORD", "")}
+
+Constraints:
+- Do NOT use search engines or guess URLs.
+- Do NOT use autofill, saved sessions, or cookies.
+- Do NOT proceed with login if:
+    - The login opens in a new window (only tabs are allowed)
+    - CAPTCHA or MFA appears
+    - ID/password input is required
+- If the user is already logged in to Apple and redirected back automatically, stop there and report success.
+- If the login page cannot be found, return "login_page_not_found".
+- If the Apple login button is not found, return "sso_not_found".
+- If a page such as a sign-up page appears, consider it a successful login and terminate immediately.
+
+Final Output:
+Return the result in the following format only:
+
+```json
+{{
+    "msg": "Apple login completed",
+    "status": "success" | "already_logged_in" | "mfa_required" | "captcha_triggered" | "window_blocked" | "idpw_required" | "apple_blocked" | "sso_not_found" | "login_page_not_found",
+    "final_url": "<url_after_login_redirect or empty string>"
+}}
+```
+
+- Return ONLY the JSON object. Do NOT include any explanation, logging, or extra output.
+"""
\ No newline at end of file