{
  "schema_version": "1.0",
  "owner": "Prasad Kavuri",
  "contact": "vbkpkavuri@gmail.com",
  "last_reviewed": "2026-05-06",
  "controls": {
    "csp": "Allowlisted Content-Security-Policy in next.config.ts and src/proxy.ts; hardened with base-uri, form-action, object-src, and upgrade-insecure-requests directives",
    "isolation_headers": "COOP/COEP configured for browser WASM/WebGPU requirements",
    "rate_limiting": "Proxy-level API rate limiting plus route-level limits",
    "ssrf": "safeServerFetch validates URLs, DNS-resolved addresses, private IP ranges, and redirect targets",
    "guardrails": "Prompt-injection heuristics and input/output validation in guardrails.ts",
    "log_redaction": "query-log.ts redacts emails, phone numbers, bearer tokens, API-key-like strings, and env assignments",
    "env_hygiene": ".env files are gitignored and secrets load from environment variables",
    "ci": "npm audit, lint, coverage tests, build, and E2E checks",
    "agent_sandbox": "AGENTS.md, CLAUDE.md, SECURITY.md, and repo skill define coding-agent boundaries",
    "qwen_moe_gate": "Local vllm endpoint gated behind ENABLE_LOCAL_QWEN env flag; returns a safe fallback in production to prevent serverless timeouts and loopback exposure",
    "html_json_escaping": "Internally generated JSON inserted into HTML pre blocks is escaped (&, <, >, U+2028, U+2029) to prevent script injection should the content change in future",
    "mcp_tool_call_controls": "Tool-calling routes enforce allowlist (ALLOWED_TOOL_NAMES) and per-request cap (MAX_TOOL_CALLS=5); raw model-selected args are stripped from client responses",
    "dev_deps_hygiene": "Build-only packages (shadcn) moved to devDependencies; prod install surface reduced"
  },
  "residual_risks": [
    "Third-party agent runtimes may vary in policy enforcement",
    "Browser model/CDN availability can affect browser-side demos",
    "No formal third-party penetration test has been completed",
    "Prompt-injection detection is heuristic, not a complete guarantee",
    "DNS validation depends on Node DNS API availability and deployment infrastructure behavior"
  ],
  "validation_commands": [
    "npm audit --audit-level=high",
    "npm audit --omit=dev --audit-level=moderate",
    "npm run lint",
    "npm run test:coverage",
    "npm run build",
    "npm run test:e2e"
  ],
  "security_policy_url": "https://github.com/prasad-kavuri/prasad-portfolio/blob/main/SECURITY.md",
  "threat_model_url": "https://github.com/prasad-kavuri/prasad-portfolio/blob/main/docs/SECURITY_THREAT_MODEL.md"
}
