diff --git a/.github/SECURITY.md b/.github/SECURITY.md
index c23e4b37..579f1c17 100644
--- a/.github/SECURITY.md
+++ b/.github/SECURITY.md
@@ -34,10 +34,11 @@ Or with Docker Compose, uncomment `network_mode: "none"` in `docker/docker-compo
## IPC & Input Validation
-- All IPC handlers validate inputs with strict path containment checks
-- File reads are constrained to the project root and `~/.claude/`
+- Electron IPC and standalone HTTP handlers validate IDs, paths, and payloads at the boundary
+- Project editing and write operations are constrained to the selected project root
+- Read-only discovery may access local Claude data under `~/.claude/` and app-owned state paths when needed
- Path traversal attacks are blocked
-- Sensitive credential paths are rejected
+- Sensitive config and credential-like paths are rejected or treated as protected targets
## Supported Versions
diff --git a/README.md b/README.md
index ed65dcb3..0ffe93dc 100644
--- a/README.md
+++ b/README.md
@@ -10,7 +10,7 @@
You're the CTO, agents are your team. They handle tasks themselves, message each other, review each other. You just look at the kanban board and drink coffee.
@@ -23,7 +23,7 @@
- 100% free, open source. Auto-detects Claude/Codex. Use the provider access you already have - subscriptions/logins or API keys where supported. Not just coding agents. + 100% free, open source. Auto-detects Claude/Codex. Use the provider access you already have - subscriptions or API keys. Not just coding agents.