Security
Security posture that reads like an operator screen
The goal is not vague reassurance. The goal is a posture teams can reason about: identity, permissions, credential hygiene, auditable actions, and exposure paths that stay intentionally governed.
SECURITY_VERIFIED.md
# SECURITY_VERIFIED.md
- deny_by_default: true
- credential_reveal_requires_permission: true
- audit_sensitive_actions: true
- public_access_is_governed: true
- refresh_rotation: enabled
- access_token_signature: ed25519
- preferred_request_flow:
- request
- server
- api
- baserdb
- server
- displayDeny by default
Nothing is exposed until identity, role scope, and the requested action all line up.
Credential hygiene
Connection strings stay masked until a privileged reveal action occurs, and that action is expected to remain auditable.
Auditability
Logins, resets, role changes, URI reveals, restores, backups, network changes, and terminal execution belong in the audit trail.
Governed public access
Public access means a managed product decision with controls around it, not uncontrolled database exposure.