Settings

No secrets are stored in this static prototype.

Future API keys should be encrypted and guarded by role.

Audit logs should record every sensitive settings change.