Problem
app.py hard-codes debug=True in its app.run(...) call, which enables the Werkzeug interactive debugger. The Werkzeug debugger is a remote-code-execution primitive — anyone who can reach the listening port (and guess the PIN, which is generated from machine-stable inputs) can execute arbitrary Python in the server process. Even with the default 127.0.0.1 bind, this is a footgun: a misconfigured --host, a tunnel, or a careless reverse proxy exposes RCE.
There is also no way for an operator to opt out — debug=True is unconditional.
Suggested fix
- Remove the unconditional debug=True literal from app.py.
- Default debug=False. Make it opt-in via either a --debug CLI flag or FLASK_DEBUG=1 env var.
- When debug is enabled, print a stderr WARNING explaining the RCE risk and reminding the operator to bind only to loopback.
- Gate the auto-reloader on the same flag (no point reloading when debug is off).
- Ship a regression test that fails if debug=True is ever re-introduced as a literal in app.py, plus unit coverage for the env/CLI resolution helper.
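The fix above, sketched as an added example (not code from this repo): a resolution helper that defaults debug off and honours --debug or FLASK_DEBUG, the stderr warning, the reloader gated on the same flag, and an AST-based check usable as the regression test. Function names, the --host option and the loopback list are assumptions.

```python
"""Opt-in debug mode for a Flask app.run() entrypoint (added example)."""
import argparse
import ast
import os
import sys

_TRUTHY = {"1", "true", "yes", "on"}
_LOOPBACK = {"127.0.0.1", "localhost", "::1"}  # assumed loopback set


def resolve_debug(argv=None, environ=None):
    """Return (debug, host). Debug is False unless --debug or FLASK_DEBUG is truthy."""
    environ = os.environ if environ is None else environ
    parser = argparse.ArgumentParser(add_help=False)
    parser.add_argument("--debug", action="store_true", default=False)
    parser.add_argument("--host", default="127.0.0.1")
    args, _ = parser.parse_known_args([] if argv is None else argv)
    env_on = environ.get("FLASK_DEBUG", "").strip().lower() in _TRUTHY
    return args.debug or env_on, args.host


def debug_warning(debug, host):
    """Return the operator warning text when debug is on, else None."""
    if not debug:
        return None
    msg = ("WARNING: debug mode enables the Werkzeug interactive debugger, "
           "a remote-code-execution primitive. Bind only to loopback.")
    if host not in _LOOPBACK:
        msg += f" Current --host {host!r} is NOT loopback."
    return msg


def has_debug_true_literal(source):
    """Regression check: True if any call in `source` passes a literal debug=True."""
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call):
            for kw in node.keywords:
                if (kw.arg == "debug" and isinstance(kw.value, ast.Constant)
                        and kw.value.value is True):
                    return True
    return False


if __name__ == "__main__":
    from flask import Flask  # only needed when run as the entrypoint
    app = Flask(__name__)
    debug, host = resolve_debug(sys.argv[1:])
    warning = debug_warning(debug, host)
    if warning:
        print(warning, file=sys.stderr)
    # Reloader rides on the same flag; no literal debug=True anywhere.
    app.run(host=host, debug=debug, use_reloader=debug)
```

The regression test can feed the contents of app.py to has_debug_true_literal and assert it returns False.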
Severity
Critical — Werkzeug debugger exposure is a documented RCE pathway. Listed as a Critical / 1pt item in Will's eval week-1 plan for cppa-cursor-browser.