Public prototypes should prove capability without becoming attack surfaces.

Demos use least privilege, read-only synthetic data, deterministic behavior, rate limiting, no credential exposure, and visible audit trails.