This repository is a public-safe demo. Do not commit secrets, real model endpoints, production logs, customer prompts, API keys, classified material, export-controlled data, or proprietary datasets.

The current gateway uses demo principals and an in-memory rate limiter. Treat it as a security architecture artifact, not production-ready infrastructure.