Implemented
Current Beta Controls
DRAFT — REQUIRES SECURITY AND LEGAL REVIEW. Security headers: HSTS, frame protection, no-sniff, referrer policy, permissions policy, and CSP baseline.
API request identifiers and local rate-limit scaffolding for abuse control during beta testing.
Beta owner access workflow with controlled approval states and token-based review access.
AI run logging for router decisions, latency, source type, validation status, and citation counts.
Decision-support notices on AI, pricing, legal, and proposal workflows.