Security & Compliance
FCA-grade security controls around auth, PII, and prompt injection:
- JWT HS256 + bcrypt Auth — minimum 32-char
SECRET_KEYenforced in production viafield_validator - Presidio PII + Lakera Injection Defense — Microsoft Presidio with
en_core_web_lg+ Lakera Guard API - Bcrypt Password Hashing (passlib) —
passlib.context.CryptContext(schemes=["bcrypt"])with configurable rounds
Last updated on