Design principles
- Invite-only access for live analysis in v1.
- Uploaded files and artifacts remain on server storage under a controlled VPS deployment.
- The browser never talks directly to the Python service.
Trust and deployment
Built for trust, the platform keeps portfolio data in a secure, access-controlled environment, with private analytics operating behind the scenes under authenticated, tightly governed access.
Public traffic terminates at Next.js.
Authenticated analysis requests are validated in Next.js before the app reaches the internal Python service.
The worker consumes queued runs from PostgreSQL and writes artifacts to local VPS storage.
The browser sees clean web summaries first and only drills into the original HTML artifacts when needed.