From 77e989b5bf64d64e15e0e5d747a15be60d6ed2b0 Mon Sep 17 00:00:00 2001
From: Nyk <0xnykcd@googlemail.com>
Date: Fri, 27 Feb 2026 19:49:48 +0700
Subject: [PATCH] docs: fix remaining README inconsistencies
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Fix panel count in hero section: "20+" → "26" (matches architecture tree)
- Fix security advice: remove stale reference to open security issues (all closed), replace with actionable deployment guidance
---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 207d7ca..7502fd1 100644
--- a/README.md
+++ b/README.md
@@ -22,7 +22,7 @@ Manage agent fleets, track tasks, monitor costs, and orchestrate workflows — a
 
 Running AI agents at scale means juggling sessions, tasks, costs, and reliability across multiple models and channels. Mission Control gives you:
 
-- **20+ panels** — Tasks, agents, logs, tokens, memory, cron, alerts, webhooks, pipelines, and more
+- **26 panels** — Tasks, agents, logs, tokens, memory, cron, alerts, webhooks, pipelines, and more
 - **Real-time everything** — WebSocket + SSE push updates, smart polling that pauses when you're away
 - **Zero external dependencies** — SQLite database, single `pnpm start` to run, no Redis/Postgres/Docker required
 - **Role-based access** — Viewer, operator, and admin roles with session + API key auth
@@ -66,7 +66,7 @@ Initial login is seeded from `AUTH_USER` / `AUTH_PASS` on first run.
 - **Change all default credentials** (`AUTH_USER`, `AUTH_PASS`, `API_KEY`) before deploying
 - **Deploy behind a reverse proxy with TLS** (e.g., Caddy, nginx) for any network-accessible deployment
 - **Review [SECURITY.md](SECURITY.md)** for the vulnerability reporting process
-- **Do not expose the dashboard to the public internet** without reviewing the open issues labeled `security`
+- **Do not expose the dashboard to the public internet** without configuring `MC_ALLOWED_HOSTS` and TLS
 
 ## Features