# Security Review Checklist

- [ ] Authentication checked
- [ ] Authorization checked
- [ ] Inputs validated
- [ ] Secrets protected
- [ ] Errors do not leak sensitive data
- [ ] Logging is appropriate
- [ ] Dependencies are trusted

---

## Self-Evolution Protocol

This file is allowed to improve over time, but only through a controlled change process.

### When to propose an update

An agent may propose an update when it learns:

- A recurring mistake should be prevented.
- A better workflow has been proven useful.
- A project-specific convention has become stable.
- A prompt pattern produced better results.
- A tool, framework, library, or deployment rule changed.
- The Product Owner approved a new standard.

### How to update this file

Agents must not silently rewrite this file. They must create an improvement proposal using:

`./.ai/evolution/improvement-proposal-template.md`

Every proposal must include:

- File to update
- Current problem
- Proposed change
- Reason
- Risk
- Rollback plan
- Product Owner approval status

### Learning Log

Add durable lessons here only after they are proven useful.

| Date | Lesson Learned | Change Made | Approved By |
|---|---|---|---|
| YYYY-MM-DD | Initial baseline created. | Created file. | Product Owner |