Guardrails IP protection model

Users receive outputs, not internal logic.

MIRROR should be built with server-side execution, explicit persistence, and mode-based access controls so sensitive prompts, routing rules, source code, and workflow definitions never become client-side product surface.

Server-Side Isolation

Core routing, prompt structures, model orchestration, source logic, and secret-bearing execution remain behind API-gated services.

Mode-Based Access

Personal, Professional, and Enterprise modes carry distinct permissions, memory rules, module access, and output policies.

Explicit Persistence

Personal sessions are ephemeral by default. Users intentionally save outputs into a selected knowledge space.

Enterprise Controls

Organizations get admin roles, gated tools, compartmentalized knowledge bases, and audit trails for sensitive workflows.

Recommended Stack

Production architecture path.

Frontend

Next.js, React, Tailwind CSS, shadcn/ui, mode-aware dashboard routes, and responsive module screens.

Backend

Supabase Auth, PostgreSQL, row-level security, API-gated execution, module usage tracking, and encrypted storage.

Infrastructure

Vercel deployment, environment-separated workspaces, secure secret management, audit logs, and usage limits.