Concepts

Security Boundaries

Userland control-plane, product, and app-runtime trust boundaries.

For agents: Keep control-plane credentials outside app code. App-user auth uses host-bound runtime cookies and reserved platform routes.

Planes

Runtime dispatch strips platform headers, ordinary cookies, internal headers, and control-plane credentials before app server code runs.