Use lockfile-driven installs in Docker paths and add high-severity npm audit checks in CI while documenting local CORS policy for compose-based development. Made-with: Cursor
