Security/privacy audit note

Quick audit: biggest risks are 1) the Cloudflare worker is an open public proxy for paid APIs, 2) raw user transcripts + AI replies are sent to PostHog, and 3) one fallback path ships an OpenAI key in the app bundle. Main issue isn’t code quality, it’s security/privacy boundaries.