Security
Trader's public website is static Cloudflare Pages content. It has no login, no form submission, no payment flow, and no server process behind it.
Security headers
The site ships a restrictive Content Security Policy, HSTS,
X-Frame-Options, nosniff, and a minimal permissions policy through
Cloudflare Pages _headers.
Trading boundary
This site cannot place trades, approve trades, or change journals. It is a static product page for a system currently in paper-testing.
Reporting
The security policy is published at /.well-known/security.txt.
If you were invited to review the product, use the owner's existing
support channel.