Privacy

JWT authentication, per-user trust levels, encrypted credentials, and proof that two users can’t see each other’s data.

Cross-session episodic memory — the system remembers what worked, what failed, and applies that knowledge to future tasks.

The third full security audit. 13 batches of fixes, from API hardening to dead code removal.

The hardest design problem wasn’t security — it was giving the planner context without breaking the privacy boundary.

How a Google Maps feature turned a close protection worker into a privacy obsessive — and laid the foundation for everything that came after.