diff --git a/Agents/COMPUTE_PLAN.md b/Agents/COMPUTE_PLAN.md
index 6646a14..fc32eaa 100644
--- a/Agents/COMPUTE_PLAN.md
+++ b/Agents/COMPUTE_PLAN.md
@@ -2,7 +2,7 @@
 
 **Owner:** Agent team  
 **Status:** Active  
-**Last updated:** 2026-04-16  
+**Last updated:** 2026-04-16 (audit hardening pass)  
 
 **Canonical math:** [MATH_SPEC.md](MATH_SPEC.md)  
 **Agent rules:** [AGENTS.md](../AGENTS.md) at repo root  
@@ -161,6 +161,10 @@ This section is the execution plan for the next pass, optimized for "feature-ric
 ### 8.1 Priority 1 — Correctness gates first
 
 - Build a field-sensitivity harness (per mapped input field, ±1% perturbation).
+- Implemented in this pass:
+  - safer stdin/file JSON ingestion guards in `solver-c/src/json_stdin.c`, `solver-c/src/main.c`, `solver-c/src/main_fea.c`,
+  - API 4xx envelope normalization with machine-readable `code`,
+  - GUI stale-run guard for async solve execution.
 - Enforce invariants in solver outputs:
   - finite values everywhere,
   - gas fraction bounds,
diff --git a/CHANGELOG.md b/CHANGELOG.md
index d37e364..0c9ce26 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,3 +10,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 
 - Initial public-ish repository layout: `solver-c`, `solver-api`, `gui-ts`, regression data, engineering docs, and agent handoff docs.
+
+### Changed
+
+- Hardened `solver-c` JSON/input boundaries and file-loading paths to prevent buffer/partial-read edge failures.
+- Added API error envelope consistency (`schemaVersion` + `code`) for expected 4xx paths and diagnostic workflow validation.
+- Added GUI run-token protection against stale async solve responses and explicit FDM/FEA card-length mismatch messaging.
+- Switched Docker build dependency installs to `npm ci` for reproducibility and added CI dependency audit checks.
+- Added full tracked-file audit ledger at `docs/engineering/full-repo-audit-ledger.md`.
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 13e5922..ec494df 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -33,6 +33,8 @@ The API expects `solver-c/solver_main` and `solver-c/solver_fea_main` in the rep
 
 ```bash
 make test
+make test-solver-sanitize
+cd gui-ts && npm run build
 ```
 
 This runs `solver-api` Vitest, `gui-ts` Vitest, and `solver-c/test_solver`.
@@ -42,6 +44,7 @@ This runs `solver-api` Vitest, `gui-ts` Vitest, and `solver-c/test_solver`.
 - Keep changes focused; avoid drive-by refactors.
 - If you change solver equations or boundary conditions, update [Agents/MATH_SPEC.md](Agents/MATH_SPEC.md) and the gap table in [Agents/COMPUTE_PLAN.md](Agents/COMPUTE_PLAN.md).
 - If you change the JSON contract or HTTP responses, bump `schemaVersion` only with an explicit migration plan (see [AGENTS.md](AGENTS.md)).
+- Keep golden response behavior deterministic; only update `data/golden/default.solve.sha256` when output changes are intentional and documented.
 
 ## Coding style
 
diff --git a/README.md b/README.md
index bbcc70d..a8f7f86 100644
--- a/README.md
+++ b/README.md
@@ -93,6 +93,12 @@ cd solver-api && npm install && npm run dev
 cd gui-ts && npm install && npm run dev
 ```
 
+Optional API hardening for browser clients:
+
+```bash
+cd solver-api && CORS_ORIGINS="http://localhost:5173" npm run dev
+```
+
 - API: `http://localhost:4400/health`  
 - GUI: `http://localhost:5173`  
 
diff --git a/SECURITY.md b/SECURITY.md
index d54775a..b76193f 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -18,3 +18,5 @@ Do not open a public issue for undisclosed vulnerabilities.
 
 - The local API is intended for **trusted development networks**. Do not expose it to the public internet without hardening (TLS, auth, rate limits, reverse proxy).
 - Treat uploaded XML as untrusted input at API boundaries.
+- `CORS_ORIGINS` can be set to a comma-separated allowlist for browser clients; default behavior is permissive for local development.
+- For production-like deployments, disable runtime compiler dependencies and prebuild `solver-c/solver_main` and `solver-c/solver_fea_main`.
diff --git a/docs/engineering/validation.md b/docs/engineering/validation.md
index 5c76f20..f533b84 100644
--- a/docs/engineering/validation.md
+++ b/docs/engineering/validation.md
@@ -25,6 +25,7 @@ Last Updated: 2026-04-16
 ## Integration
 
 - `solver-api/tests/api.test.js` — solve routes, diagnostic path, golden hash, `validate-card`, `both` comparison keys.
+- API error contract checks: assert `schemaVersion` + machine-readable `code` on expected 4xx responses.
 - `comparison` schema v2 includes:
   - `peakLoadDeltas` for Pmax/Pmin and Dmax/Dmin
   - `pointwiseResiduals.series[]` (position + polished/downhole residuals)
@@ -70,6 +71,7 @@ Last Updated: 2026-04-16
 ### 5) CI checks
 
 - C sanitizers (ASan/UBSan) lane.
+- Dependency audit lane (`npm audit --omit=dev --audit-level=high`) for API and GUI packages.
 - Performance budget lane (fixed representative cases).
 - Artifact lane emits comparison/drift summaries.