The contract's already got some cracks showing up in the actual data. We're talking issue #1770 where empty-context reports are still sneaking through, issue #1276 where 5-8% of citation metadata is just straight-up wrong, and CVE-2026-5633 with that nasty unpatched SSRF vulnerability hanging out in source_urls waiting to get exploited. Yea the checklist catches most of the citation fumbles and boundary leaks but it's basically flying blind on deployment-level risks - honestly, any WebSocket sitting there without auth is basically handing out a CVSS 9.8 free pass for draining API budgets and exfiltrating reports. Before you even think about flipping the multi-user switch, I'd nail down some things, actually verify which retriever ran coz Tavily token usage gets silently ghosted sometimes, run a post-hoc URL health check on every single citation, and slap a reverse-proxy in front with domain whitelisting and per-client rate limits. The real money insight tho -- GPT Researcher's not winning points for how smooth it reads - it's all about whether that provenance chain stays intact and you can't just treat that like some browser tab