Security Documentation:
- docs/security/threat-model.md: Comprehensive threat model covering
channels, tools, gateway, local files, browser automation, and plugins
- docs/security/data-handling.md: Data handling policy covering storage,
retention, user rights (access, export, delete), and compliance
Doctor Security Check:
- Added credential encryption check to doctor-security.ts
- Warns about unencrypted WhatsApp/Web credentials
This completes Phase 1 Security Hardening (Tasks 1.1-1.6).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>