Refine Anti‑Bias Reader execution plan (security, streak logic, UX refinements)

[Kvnbbg]

Motivation

• Address feedback on the initial execution plan by providing concrete, copy-paste-ready security and runtime snippets for ingestion and rendering of third‑party content.
• Make streak/medal behavior deterministic by adding explicit streak update logic to reliably award the monthly_guardian medal at 30 days.
• Improve reading UX, accessibility, and conversion flow by refining swipe behavior, navigation labels, and engagement-gated auth prompts.

Description

• Add server-side RSS sanitization function sanitizeRssContent using sanitize-html and a strict Content-Security-Policy example to harden XSS defenses.
• Add PL/pgSQL update_streak_on_read(p_user_id uuid, p_read_date date) to correctly advance/reset streaks and keep the existing award_monthly_guardian_medal() trigger to ensure medals are awarded consistently.
• Refine the PageContainer by adding overflow-hidden to stabilize horizontal swipe navigation and add an engagement-gated prompt helper shouldPromptSaveProgress to defer auth prompts until meaningful use.
• Improve UI code snippets by adding accessibility labels to Navbar/Foobar, Framer Motion components for StreakFlame and MedalUnlock, and monetization helpers including startCheckout (Stripe) and ChapterInterstitialAd (AdSense).

Testing

• No automated tests were run for this documentation change; please run npm run lint, npm run build, type checks, and database migration tests when integrating these snippets into runtime code.

---

Codex Task

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
cfa	Ready	Preview, Comment	Jan 25, 2026 3:46pm

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.
To continue using code reviews, you can upgrade your account or add credits to your account and enable them for code reviews in your settings.