✦ Trust + security · honest status

What we’ve shipped, what we haven’t, and when.

Every line below is true today. When something moves from IN FLIGHT to LIVE, the badge promotes into the global footer. Until then, this is the only place we mention it. No badge theatre.

Workflow

Human-in-the-loop on every public-facing asset

LIVE

Every draft generated by the workforce passes through the operator approval queue at /studio/publish. Enforced server-side via /api/drafts/[id]/approve. Audit row written on every state change.

Cost discipline

Per-call USD cap on every LLM call

LIVE

Pre-flight BudgetExceededError fires before any token bills. MAX_COST_USD_PER_CALL env-driven (default $0.10).

Audit trail

Append-only agent_action_log

LIVE

Postgres table; every brief/draft state transition appended. Never updated or deleted from application code.

Cost discipline

Per-day per-user spend ceiling

IN FLIGHT· this week

Next push. SUM(cost_usd) for today vs DAILY_SPEND_CAP_USD blocks new generations.

Output safety

Copyright + trademark filter on generated content

IN FLIGHT· Block 2

Keyword + regex pass before HITL surfaces a draft. LLM-based check in Phase 2.

Output safety

AI-generated disclosure tag per channel

IN FLIGHT· Block 2

Compliance agent (spec Tier D #26) injects Meta / TikTok / YouTube required AI tags into exports.

Application security

Security headers (HSTS / X-Frame-Options / CSP)

LIVE

Set on every Next.js response via next.config.js. Mirror of the platform Python middleware chain.

Auth

Clerk authentication

IN FLIGHT· when production deploy is wired

Middleware-gated on /studio/* + /api/briefs + /api/drafts. Dev mode bypass active when keys are placeholders.

Privacy

GDPR · CCPA · PIPEDA alignment

PLANNED· Phase 2

No PII collected in Phase 1 (content creation has no PII inflow). When the newsletter signup adds an email field, full alignment work lands.

Accessibility

WCAG 2.1 AA audit

PLANNED· before public launch

Design tokens follow contrast guidance; formal axe-core + manual audit before public launch.

Payments

Stripe + PCI DSS

PLANNED· Block 10

No payments collected in Phase 1 — agency mode invoices manually. Stripe wires when SaaS surface ships.

Infrastructure

Cloudflare protection (DDoS + WAF)

PLANNED· on production deploy

Not yet deployed to production. When creativepulse.galaxyzen.ai goes live, Cloudflare proxy is on the deploy checklist.

Compliance

SOC 2 Type II

ROADMAP· first agency client

Trigger: first brand client procurement asks. Vanta/Drata onboarding the same month. Full controls map in docs/security/AUDIT_BLOCK_1_REVISION_2.md.

Supply chain

Container image signing (Cosign) + CVE scanning (Trivy)

ROADMAP· next CI push

When GitHub Actions CI lands. Currently pre-commit local testing only.

✦ How this page is maintained

Every claim above is reviewed quarterly during the canon doc refresh. Removing a claim is fine; promoting a claim without evidence is not. If you spot a stale row, file an issue or email trust@galaxyzen.ai.

← Back to home