Anonymous Intelligence Signal

GitHub Security Issue: Geometry Routes Accept Unsanitized Regex and Lack Authentication

ai | The Network | unverified | 2026-03-06 09:42:45 | Source: Unknown source

A high-severity security vulnerability has been reported in the file `server/routes/geometry.ts`. The issue covers three critical flaws in the system's geometry route handling:

1. ReDoS (Regular Expression Denial of Service). The `POST /api/geometry/rules` endpoint takes user input and compiles it directly into a regular expression with `new RegExp(pattern)`. A try/catch block catches invalid regex syntax, but nothing rejects syntactically valid patterns built to cause catastrophic backtracking, such as `(a+)+$`. Such a pattern can hang the Node.js event loop, resulting in a denial of service.

2. No authentication. The `POST /rules` and `POST /recalibrate` endpoints perform no authorization checks at all, so the system's classification behavior can be modified by unauthorized parties.

3. No input validation for key parameters. The quadrant, triality and slot values are not range-checked, so invalid or malicious data can be processed.

The recommended fix is to use a safe-regex library to reject dangerous patterns, to add authentication middleware to all mutation endpoints, and to validate the numeric ranges (e.g., quadrant 0-3, triality 0-2, slot 0-7).
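As an added example (not code from the report or from the affected project), the following TypeScript validator addresses the first and third findings: it rejects patterns with nested quantifiers before `new RegExp` is ever called, and range-checks quadrant, triality and slot. The request body shape, the 200-character pattern cap and the heuristic itself are assumptions; the authentication middleware from the recommended fix is wired separately and is not shown here.

```typescript
// Added example (not the project's code): validation for the geometry rules endpoint.
// Assumed body shape: { pattern: string, quadrant: number, triality: number, slot: number }.
type RuleInput = { pattern: string; quadrant: number; triality: number; slot: number };
type Validation = { ok: true; rule: RuleInput } | { ok: false; error: string };
const MAX_PATTERN_LENGTH = 200; // assumed cap; long patterns are rejected outright
const RANGES: Record<"quadrant" | "triality" | "slot", [number, number]> = {
  quadrant: [0, 3], triality: [0, 2], slot: [0, 7],
};

// Conservative heuristic for catastrophic backtracking: reject any repeated group that
// itself contains a quantifier, e.g. (a+)+ or ((a+)b)*. It does not catch overlapping
// alternations such as (a|aa)+, so a dedicated safe-regex check remains the real fix.
function hasNestedQuantifier(pattern: string): boolean {
  const outer: boolean[] = []; // per enclosing group: has a quantifier been seen in it?
  let inner = false;           // has a quantifier been seen in the current group?
  for (let i = 0; i < pattern.length; i++) {
    const c = pattern[i];
    if (c === "\\") { i++; continue; }                      // escaped character
    if (c === "[") {                                        // skip a character class
      for (i++; i < pattern.length && pattern[i] !== "]"; i++) if (pattern[i] === "\\") i++;
    } else if (c === "(") {
      outer.push(inner); inner = false;
      if (pattern[i + 1] === "?") i++;                      // (?: (?= (?! (?<name> are not quantifiers
    } else if (c === ")") {
      const hadQuantifier = inner;
      inner = (outer.pop() ?? false) || hadQuantifier;     // nested groups count for the parent
      if (hadQuantifier && /[+*{]/.test(pattern[i + 1] ?? "")) return true;
    } else if ("+*?{".includes(c)) {
      inner = true;
    }
  }
  return false;
}

function validateRuleInput(body: unknown): Validation {
  if (typeof body !== "object" || body === null) return { ok: false, error: "body must be an object" };
  const b = body as Record<string, unknown>;
  const pattern = b.pattern; if (typeof pattern !== "string") return { ok: false, error: "pattern must be a string" };
  if (pattern.length > MAX_PATTERN_LENGTH || hasNestedQuantifier(pattern)) {
    return { ok: false, error: "pattern rejected: possible catastrophic backtracking" };
  }
  try { new RegExp(pattern); } catch { return { ok: false, error: "invalid regex syntax" }; }
  for (const name of Object.keys(RANGES) as (keyof typeof RANGES)[]) {
    const [lo, hi] = RANGES[name], v = b[name];
    if (typeof v !== "number" || !Number.isInteger(v) || v < lo || v > hi) {
      return { ok: false, error: `${name} must be an integer in [${lo}, ${hi}]` };
    }
  }
  return { ok: true, rule: { pattern, quadrant: b.quadrant as number, triality: b.triality as number, slot: b.slot as number } };
}
```

In an Express handler, call `validateRuleInput(req.body)` first and respond with 400 on `ok: false`; only the returned `rule` should ever reach `new RegExp` and the rule store.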