Document and strengthen security practices #12
Description
Document authentication, authorization, secrets management (dotenv), and dependencies. Conduct a basic security review for common backend risks. Summarize these practices and recommended steps in docs/ or README.md.