Module status page

Security

Permission matrix, action authorization, document upload guard, and Blob-first security audit log.

  • Maturity: MOSTLY_COMPLETE
  • Production status: production proven
  • Navigation status: live
  • Owner: Security policy and audit services
  • Capability owner: Security

What Is Live

  • API route: src/app/api/audit/route.ts
  • API route: src/app/api/audit/site/[siteId]/route.ts
  • Service: src/lib/security/authorizeSecurityAction.ts
  • Service: src/lib/security/recordSecurityAuditEvent.ts
  • Adapter: src/lib/operator-command/operatorCommandSecurityAdapter.ts
  • Production evidence: Production upload path uses existing document_upload guard.

What Is Not Wired

  • Missing critical piece: Session-bound actor resolution for production user identity.
  • Known risk: Static UI actor remains a simplification for server action attribution.

Known Blockers

No active blockers are listed.

Next Recommended Action

  • Replace static operator actor with authenticated session actor before real multi-user use.

System Audit Evidence

  • Readiness score: 85%
  • Integration depth: adapter integrated
  • Route exposure: none
  • Security boundary: clear
  • Queue integration: not applicable
  • Readiness integration: not applicable
  • Workflow integration: wired
  • Data Room integration: wired
  • Export integration: wired
  • Test: src/lib/security/__tests__/securityPermissionMatrix.test.ts
  • Test: src/lib/security/__tests__/recordSecurityAuditEvent.test.ts
  • Smoke: scripts/smoke-security-operator-command.ts
  • Persistence: Vercel Blob-first security audit log with local/tmp fallback.

Architecture Governance

  • 11 governance doctrines tracked
  • 15 required adapter seams
  • 13 forbidden direct couplings
  • No high or critical governance findings

Capability Registry

  • Read-only Security status page for audit log, authorization, and policy evidence.
  • Registry production status: production
  • Primary nav group: System
  • Capability: system audit maturity
  • Capability: security evidence inventory
  • Capability: audit log posture
  • Capability: safe operator links

Safe Available Actions

No mutation controls on this page. This page does not mutate readiness, auto-approve obligations, execute workflow actions, advance stages, send emails, or create default/breach conclusions.