{
  "integrations": [
    "auth",
    "database"
  ],
  "riskIncludes": [
    "auth/session handling",
    "admin surfaces"
  ],
  "envNames": [
    "AUTH_SECRET",
    "DATABASE_URL",
    "ADMIN_AUDIT_WEBHOOK_URL"
  ],
  "apiIncludes": [
    "app/api/admin/users/route.ts"
  ],
  "candidateTitles": [
    "Auth / Session Buildprint",
    "Admin Surface Buildprint"
  ],
  "mustContain": [
    "admin surfaces",
    "auth/session handling",
    "ADMIN_AUDIT_WEBHOOK_URL",
    "Which admin actions require confirmation or audit events?"
  ],
  "mustNotContain": [
    "super-admin-secret"
  ]
}