API Key Isolation
OpenRouter credentials are stored server-side in Pages secrets and never hardcoded into frontend source.
Security
Promptup is designed with secure defaults, transparent architecture, and privacy-first behavior in mind.
Same-Origin Proxy
Frontend calls are routed to /api, reducing leakage risks and keeping request handling centralized.
Progressive Processing
Users can analyze prompts instantly without cloud inference, then opt in to AI rewriting only if needed.
Operational Visibility
A health endpoint helps monitor deployment status and secret configuration safely.