What the audit actually found.

"35 agents, zero criticals" with the body attached: nine dimensions, every finding verified by a separate agent before it counted, then fixed and redeployed. Three of the real ones:

HIGH Secrets in the image

The .dockerignore matched paths with no basename fallback, so the token-signing secrets shipped inside the gateway image. Fixed: recursive **/.env* + rotation.

MED Rate-limit drain

The limiter keyed on the rotating anonymous token — a fresh token per render made the cap illusory. Fixed: key on the verified tenant.
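To make the finding concrete, an added example (not the project's own code; the limiter, the render records and the field names `tenant` / `anon_token` are assumptions): the same constructed traffic run through a sliding-window limiter keyed the old way and the fixed way.

```python
import time
from collections import defaultdict, deque


class SlidingWindowLimiter:
    """At most `limit` requests per `window_s` seconds for each key."""

    def __init__(self, limit, window_s, clock=time.monotonic):
        self.limit = limit
        self.window_s = window_s
        self.clock = clock
        self.hits = defaultdict(deque)  # key -> timestamps of recent allowed hits

    def allow(self, key):
        now = self.clock()
        q = self.hits[key]
        while q and now - q[0] >= self.window_s:
            q.popleft()  # expire hits that fell outside the window
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


def make_renders(tenant, n):
    """Constructed traffic: one verified tenant, a fresh anonymous token per render."""
    return [{"tenant": tenant, "anon_token": f"anon-{tenant}-{i}"} for i in range(n)]


# The two keying strategies the finding contrasts (hypothetical field names).
def key_by_anon_token(req):
    return req["anon_token"]  # rotates every render, so every request is a new bucket


def key_by_tenant(req):
    return req["tenant"]  # stable per verified tenant, so the cap actually applies


def count_allowed(key_fn, renders, limit=5):
    """Run one tenant's renders through a fresh limiter; return how many got through."""
    limiter = SlidingWindowLimiter(limit, window_s=60, clock=lambda: 0.0)
    return sum(1 for r in renders if limiter.allow(key_fn(r)))


if __name__ == "__main__":
    renders = make_renders("tenant-a", 20)
    print("keyed on anon token:", count_allowed(key_by_anon_token, renders))  # 20: cap never bites
    print("keyed on tenant:    ", count_allowed(key_by_tenant, renders))      # 5: cap holds
```

The fixed clock keeps every hit inside one window, so the only variable is the key; any limiter whose key an unauthenticated client can refresh has the same hole.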

MED Crisis filed as a lead

A distressed user could be captured as a sales lead. Fixed: the crisis flag now short-circuits lead capture.

Nine dimensions: isolation · auth · injection · money · governance · generative-engine · frontend · completeness · infra. Verdict: zero critical, no cross-tenant breach, no live auth bypass — every edge fixed.

Every number, with the asterisk already attached.

Most builders pad. I'd rather you trust the parts that are real than be impressed by parts that aren't.

1 builder * not a team
~550 tests green * not a formal proof
35 → 0 adversarial agents, zero criticals * self-run, not third-party
1 production instance * by choice — scale is the unlearned lesson
2 → 1 residents, one spine * composition, proven by lint

The system is honest because the person who built it is — and I wired that conviction into the code.

Built solo. Running in production. Open to the right team.

If governed, multi-tenant agent infrastructure is the problem you're solving — let's talk.