A full security audit has been completed and applied: row-level security enabled on all database tables, function search paths hardened against schema-injection patterns, and legacy policies that permitted anonymous writes have been closed. No user-facing changes — the platform operates identically with tighter defaults in place.