# Hardening And Release

## Purpose

This document captures the production-readiness work needed to operate the marketing agent platform safely at scale.

## Security

- move secrets out of committed environment files and into Azure-managed secret storage
- use managed identity where possible for Azure service access
- validate tenant scope before retrieval and before tool execution
- test prompt-injection and cross-tenant leakage paths
- retain provenance for every response and artifact

## Observability

- structured logs for request, session, tenant, lane, model, and tool policy
- audit-event persistence for prompt and retrieval provenance
- alerting for sync failures, approval failures, and runtime errors
- dashboards for cache freshness, approval backlog, and request volume by lane

## Quality

- TypeScript build validation
- unit tests for classification, prompt assembly, and access gating
- integration tests for retrieval ordering and approval promotion
- red-team tests for tenant isolation and policy bypass attempts

## Delivery

- CI workflow for install, build, and test
- environment promotion from local to dev to production
- hosted deployment path for the showcase site and admin console
- release checklist covering configuration, auth scopes, sync health, and rollback

## Data Lifecycle

- define retention windows for drafts and audit events
- support export and deletion for tenant artifacts
- remove retired assets from active retrieval immediately