# Security

## Core Controls

- API key authentication with constant-time comparison.
- Auth failure throttling.
- Per-IP and per-token request rate limits.
- Strict input validation via Pydantic schemas (`extra=forbid`).
- Policy engine authorization before tool execution.
- Secret detection with mask/block behavior.
- Production-safe error responses (no stack traces).

## Prompt Injection Hardening

Repository content is treated strictly as data.

- Tool outputs are bounded and sanitized.
- No instruction execution from repository text.
- Untrusted content handling helpers enforce maximum output size.

## Secret Detection

Detected classes include:

- API keys and generic token patterns.
- JWT-like tokens.
- Private key block markers.
- Common provider token formats.

Behavior:

- `SECRET_DETECTION_MODE=mask`: redact in place.
- `SECRET_DETECTION_MODE=block`: replace secret-bearing field values.
- `SECRET_DETECTION_MODE=off`: disable sanitization (not recommended).

## Authentication and Key Lifecycle

- Keys must be at least 32 characters.
- Rotate keys regularly (`scripts/rotate_api_key.py`).
- Check key age and expiry (`scripts/check_key_age.py`).
- Prefer dedicated bot credentials with least privilege.
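
The three `SECRET_DETECTION_MODE` behaviors listed under Secret Detection, sketched as an added example (not this project's code). The regexes, the `sanitize` helper, the placeholder strings and the sample data are assumptions; `block` is read here as replacing the whole value of any field that contains a secret.

```python
import re

# Assumed patterns, one per detected class; the project's real rules are not shown here.
PATTERNS = [
    # Private key block: redact through the END marker, or to end of text if the
    # output was truncated before the marker appeared.
    re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]*?(?:-----END [A-Z ]*PRIVATE KEY-----|\Z)"),
    re.compile(r"\beyJ[\w-]{5,}\.[\w-]{5,}\.[\w-]{5,}"),  # JWT-like token
    re.compile(r"\bAKIA[0-9A-Z]{16}\b"),                   # provider format (AWS access key ID)
    # Generic key/token assignment: group 1 is the value, so the name stays readable.
    re.compile(r"(?i)(?:api[_-]?key|token|secret)\b\s*[:=]\s*['\"]?([A-Za-z0-9_\-]{16,})"),
]
REDACTED = "[REDACTED]"
BLOCKED = "[BLOCKED: secret detected]"


def _mask(text):
    """Replace each match (or its value group, if the pattern has one) in place."""
    for pat in PATTERNS:
        text = pat.sub(
            lambda m: m.group(0).replace(m.group(m.lastindex or 0), REDACTED), text)
    return text


def sanitize(value, mode="mask"):
    """Recursively sanitize str/list/dict tool output according to mode."""
    if mode not in ("mask", "block", "off"):
        raise ValueError(f"unknown mode {mode!r}")  # reject a typo instead of skipping
    if mode == "off":
        return value
    if isinstance(value, dict):
        return {k: sanitize(v, mode) for k, v in value.items()}
    if isinstance(value, list):
        return [sanitize(v, mode) for v in value]
    if not isinstance(value, str):
        return value
    masked = _mask(value)
    # block: a field that contained any secret is replaced wholesale.
    return BLOCKED if mode == "block" and masked != value else masked


# Constructed sample of a tool result; every value is made up.
SAMPLE = {
    "path": "config/settings.py",
    "content": 'DEBUG = True\nAPI_KEY = "abcd1234efgh5678ijkl9012"\n',
    "notes": ["no secrets here", "-----BEGIN RSA PRIVATE KEY-----\nMIIBconstructed"],
}

if __name__ == "__main__":
    for mode in ("mask", "block", "off"):
        print(mode, sanitize(SAMPLE, mode))
```

In `mask` mode the surrounding text of a field survives, while `block` discards the whole field.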