Security review guidance for agent configs, MCP and filesystem exposure, red-team scenarios, and audit prompts.