## Summary
- Describe the user-visible or operator-visible change.
## Checks
- [ ] Tests or validation relevant to this change were run
- [ ] Documentation was updated if behavior, setup, or policy changed
- [ ] New configuration is documented with secure defaults
## Security Review
- [ ] This change does not introduce hard-coded secrets
- [ ] This change does not expand data collection without documentation
- [ ] Authn/authz impact was reviewed if endpoints, actions, or permissions changed
- [ ] Logging impact was reviewed for sensitive data exposure
- [ ] External provider or model changes were reviewed for data handling impact
## Compliance Notes
- [ ] No new compliance claim is introduced without evidence
- [ ] Data handling scope is unchanged or updated in `SECURITY.md` and the relevant KB pages