Authorization Controls

Capability tokens, human oversight gates, selective disclosure, process-level mediation, and ephemeral identity purge.