Please report security issues privately via a GitHub security advisory rather than a public issue.

• Real secrets never belong in the repository. The Worker reads them from .dev.vars locally and from wrangler secret put in production.
• packages/worker/.dev.vars.example documents every secret with placeholder values only.

• The browser uploads originals directly to R2 via short-lived signed URLs; the Worker only signs URLs and records metadata in D1.
• The local sync daemon authenticates to the Worker with DAEMON_SECRET.
• Destructive actions are gated by hashed PINs, never raw PINs in the repo.