This repository is a public proof surface and does not accept live tenant, user, or privileged production data.
- synthetic access-certification and entitlement evidence only
- read-only public demonstration routes
- no production credentials, API keys, or tenant secrets in the repository
- do not describe this repo as SOC 2 compliant, ISO 27001 certified, FedRAMP authorized, or otherwise audited
- use language such as
evidence posture,readiness,routing,review surface, andattestation - any real deployment handling customer identity data would require separate security, legal, and privacy review
If you identify a security issue in the public code, open a private disclosure through GitHub security advisories or contact the maintainer directly before public disclosure.