The application operates as a client-side tool. The primary trust boundary is the user's device.
- API Keys: Stored in `process.env`. Must not be leaked in client bundles (Note: for this demo, keys are assumed to be handled by the build environment).
- User PII: Email and names stored in LocalStorage.
- Generated IP: Architectural artifacts generated by the tool.
Note: The current implementation is a simulation for demonstration purposes.
- Algorithm: Simulates Argon2 hashing (currently `btoa` for demo).
- Rate Limiting: Enforces a strict 5-attempt limit per 15-minute window to prevent brute-force attacks.
- Session: LocalStorage-based session tokens.
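The 5-attempts-per-15-minutes policy above, as an added example that is not the project's own code: a sliding-window limiter keyed by account identifier, with an injectable clock so the window can be exercised deterministically. The in-memory `Map` store, the `attemptLogin` wrapper and the `verifyCredentials` callback are assumptions for illustration. Because the trust boundary here is the user's device, a limiter that runs in the client is a usability guard; the same policy is normally enforced again wherever credentials are actually verified.

```javascript
// Added example, not the project's code: sliding-window failed-login limiter
// implementing "5 attempts per 15-minute window". `now` is injectable for tests.
const MAX_ATTEMPTS = 5;
const WINDOW_MS = 15 * 60 * 1000;

class AttemptLimiter {
  constructor({ maxAttempts = MAX_ATTEMPTS, windowMs = WINDOW_MS, now = () => Date.now() } = {}) {
    this.maxAttempts = maxAttempts;
    this.windowMs = windowMs;
    this.now = now;
    // account identifier -> timestamps (ms) of failed attempts inside the window
    this.attempts = new Map();
  }

  // Drop timestamps that have aged out of the window and return what remains.
  prune(key) {
    const cutoff = this.now() - this.windowMs;
    const recent = (this.attempts.get(key) || []).filter((t) => t > cutoff);
    this.attempts.set(key, recent);
    return recent;
  }

  // Report the current state for `key` without recording anything.
  check(key) {
    const recent = this.prune(key);
    if (recent.length < this.maxAttempts) {
      return { allowed: true, remaining: this.maxAttempts - recent.length, retryAfterMs: 0 };
    }
    // Oldest attempt in the window determines when the next slot frees up.
    const retryAfterMs = recent[0] + this.windowMs - this.now();
    return { allowed: false, remaining: 0, retryAfterMs };
  }

  // Record one failed attempt; a successful login should call reset().
  recordFailure(key) {
    const recent = this.prune(key);
    recent.push(this.now());
    this.attempts.set(key, recent);
  }

  reset(key) {
    this.attempts.delete(key);
  }
}

// Hypothetical wrapper around a credential check: refuse before verifying once
// the limit is reached, so a blocked caller learns nothing about the password.
function attemptLogin(limiter, key, verifyCredentials) {
  const state = limiter.check(key);
  if (!state.allowed) {
    return { ok: false, reason: 'rate_limited', retryAfterMs: state.retryAfterMs };
  }
  if (verifyCredentials()) {
    limiter.reset(key);
    return { ok: true };
  }
  limiter.recordFailure(key);
  return { ok: false, reason: 'bad_credentials', remaining: limiter.check(key).remaining };
}
```

The limiter counts only failures, so a legitimate user who mistypes a few times and then succeeds is not locked out for the rest of the window; `retryAfterMs` is what a UI would surface as "try again in N minutes".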
| Vulnerability | Mitigation Strategy |
|---|---|
| Injection | All LLM inputs are sanitized. `react-markdown` sanitizes HTML output. |
| Sensitive Data Exposure | `moderationService` automatically masks PII (Email, IP, Phone) before storage. |
| Broken Access Control | Governance gates restrict "High Risk" templates to specific roles during onboarding. |
| Logging & Monitoring | All moderation actions are recorded in an immutable audit log (`se_architect_moderation_audit`). |
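The "mask PII before storage" mitigation in the table, as an added example that is not the project's `moderationService`: a masking pass for email addresses, IPv4 addresses and phone numbers, plus a thin wrapper that applies it to any Storage-like object (LocalStorage in the browser, a Map-backed stub in tests). The regular expressions, the redaction tokens and the `maskingStorage` wrapper are assumptions for illustration.

```javascript
// Added example, not the project's code: mask PII in free text before it is
// written to storage or an audit log. Email is masked first so its digits cannot
// be picked up by the phone pattern; IPs are masked before phones for the same reason.
const EMAIL_RE = /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g;
const IPV4_RE = /\b(?:\d{1,3}\.){3}\d{1,3}\b/g;
// Accepts forms such as +1 555 123 4567, (555) 123-4567, 555-123-4567, 5551234567.
const PHONE_RE = /(?:\+?\d{1,3}[ .-]?)?\(?\d{3}\)?[ .-]?\d{3}[ .-]?\d{4}\b/g;

// Keep the first character and the domain so an entry stays recognisable to a reviewer.
function maskEmail(addr) {
  const [local, domain] = addr.split('@');
  return `${local[0]}***@${domain}`;
}

// Returns the masked text together with per-category counts, which are useful
// as a metric (how much PII is reaching the tool) without storing the values.
function maskPII(text) {
  const counts = { email: 0, ip: 0, phone: 0 };
  let out = text.replace(EMAIL_RE, (m) => { counts.email++; return maskEmail(m); });
  out = out.replace(IPV4_RE, () => { counts.ip++; return '[IP REDACTED]'; });
  out = out.replace(PHONE_RE, () => { counts.phone++; return '[PHONE REDACTED]'; });
  return { text: out, counts };
}

// Hypothetical wrapper: every write passes through maskPII, so callers cannot
// forget the step. `backing` only needs setItem/getItem (the Storage interface).
function maskingStorage(backing) {
  return {
    setItem(key, value) {
      const { text } = maskPII(String(value));
      backing.setItem(key, text);
    },
    getItem(key) {
      return backing.getItem(key);
    },
  };
}
```

Masking is applied at the storage boundary rather than at each call site; that way the audit log and LocalStorage both see the redacted form even if a new code path is added later. The patterns are deliberately conservative (no IPv6, no international phone formats beyond a simple country-code prefix), so they should be tuned against the data actually observed.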
To prevent "Jailbreaking" or unsafe generation:
- System Prompt Locking: The `META_PROMPT` is injected as a `systemInstruction` and cannot be overridden by user input.
- Output Validation: Quality gates check for specific safety markers in the generated text.
- Development: `.env` file (git-ignored).
- Production: Environment variables injected at build time.
- Warning: Never commit `API_KEY` to version control.
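A check that pairs with the "must not be leaked in client bundles" requirement, as an added example that is not part of the project's build tooling: a Node script run after the bundle is emitted that scans the output for the configured secret values, including base64, URL-encoded and JSON-escaped forms, and fails the build if any appear. The `findLeakedSecrets`/`checkBundle` names, the minimum secret length, and the idea of passing `{ API_KEY: process.env.API_KEY }` as the secrets map are assumptions for illustration.

```javascript
// Added example, not the project's code: post-build scan of bundle text for
// configured secret values. Intended to run in CI after the bundle is written.

// Forms a secret might take once it has been stringified into a bundle.
function encodings(value) {
  return {
    raw: value,
    base64: Buffer.from(value, 'utf8').toString('base64'),
    urlencoded: encodeURIComponent(value),
    jsonEscaped: JSON.stringify(value).slice(1, -1),
  };
}

// secrets: { NAME: value } taken from the build environment, e.g. { API_KEY: process.env.API_KEY }.
// Returns one finding per distinct encoded form found, so a clean bundle yields [].
function findLeakedSecrets(bundleText, secrets) {
  const findings = [];
  for (const [name, value] of Object.entries(secrets)) {
    // Very short values would match by accident; skip them (assumed threshold).
    if (!value || value.length < 8) continue;
    const seen = new Set();
    for (const [form, needle] of Object.entries(encodings(value))) {
      if (seen.has(needle)) continue; // raw and urlencoded are often identical
      seen.add(needle);
      if (bundleText.includes(needle)) findings.push({ name, form });
    }
  }
  return findings;
}

// CI gate: log each finding by name only (never the value) and return an exit code.
function checkBundle(bundleText, secrets) {
  const findings = findLeakedSecrets(bundleText, secrets);
  for (const f of findings) {
    console.error(`secret ${f.name} found in bundle (${f.form} form)`);
  }
  return findings.length === 0 ? 0 : 1;
}

// Stand-alone usage: node check-bundle.js dist/bundle.js
if (typeof require !== 'undefined' && require.main === module) {
  const fs = require('fs');
  const bundle = fs.readFileSync(process.argv[2], 'utf8');
  process.exit(checkBundle(bundle, { API_KEY: process.env.API_KEY }));
}
```

The scan reports the variable name and the encoded form but never echoes the value, so the CI log itself does not become a second leak; with build-time injection, this check is the cheapest way to confirm that a value meant for the build environment did not end up in what ships to the browser.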