Remove branded prefixes from code comments

[Copilot]

Code review feedback identified branded comment prefixes ("Sentinel:") violating project style guidelines requiring simple descriptive comments.

Changes

• server/routes.ts: Removed "Sentinel:" prefix from rate limiting and integration routes comments (lines 82, 90)
• server/index.ts: Removed "Sentinel:" prefix from security headers comment (line 10)
• server/routes.ts line 1151: Already fixed in previous commit d2cbc53

Example

// Before
// Sentinel: Add rate limiting to AI endpoints
app.use("/api/generate", aiRateLimiter.middleware);

// After
// Add rate limiting to AI endpoints
app.use("/api/generate", aiRateLimiter.middleware);

All branded prefixes ("Sentinel:", "Tool:", "AI:") removed from codebase.

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

---

Summary by cubic

Fixes a file upload validation bypass by moving checks server-side and tightening rules. Blocks unsafe files and ensures only approved types are stored.

• Bug Fixes

  • Validate on the server before any write.
  • Verify magic bytes against a MIME allowlist; reject mismatches.
  • Enforce size limits, block disallowed extensions, and prevent path traversal.
  • Add tests for bypass cases and clearer errors.

• Refactors

  • Remove "Sentinel:" prefixes from comments in server/index.ts and server/routes.ts.

^{Written for commit 2b14218. Summary will update on new commits.}