diff --git a/claude_code_partials_detailed_prompt.txt b/claude_code_partials_detailed_prompt.txt
new file mode 100644
index 0000000..f6ae077
--- /dev/null
+++ b/claude_code_partials_detailed_prompt.txt
@@ -0,0 +1,97 @@
+Work in the `platform` repo and continue from the current remediation state.
+
+Use Gitea issues as the source of truth:
+- `#1` umbrella
+- `#5` Gateway Trust Model
+- `#8` Dependency Security
+- `#9` Performance Hardening
+
+Important instruction:
+- Do NOT rotate or change the admin password during this pass.
+- Treat admin password rotation as a final manual ops step after all code and config fixes are complete and verified.
+- If you mention password rotation in comments or summaries, explicitly mark it as "LAST STEP".
+
+First, re-verify the repo state before changing anything. Do not trust prior summaries blindly.
+
+Current verified status:
+- Completed: `#2`, `#3`, `#4`, `#6`, `#7`, `#10`
+- Partial: `#5`, `#8`, `#9`
+
+Remaining work by issue:
+
+`#5 Gateway Trust Model`
+Current state:
+- Token validation is improved and uses protected endpoints.
+- Inventory `/debug-nocodb` has been removed.
+- Inventory search sanitization is better.
+- The gateway still has a service-global trust model for gateway-key services.
+
+What remains:
+- Re-check whether the current gateway-key service model is acceptable as-is or should be narrowed further.
+- If it stays, document it precisely and avoid claiming it was eliminated.
+- Review inventory and similar internal services for any remaining permissive/debug/admin-style surfaces.
+- Review whether service-global access should be limited at route level, method level, or by explicit allowlist.
+- Make sure issue comments and final summary describe the trust model accurately, not optimistically.
+
+Acceptance bar:
+- No remaining accidental debug endpoint exposure.
+- Remaining gateway-key trust assumptions are explicit, minimal, and documented.
+- No false claim that per-user auth exists where it does not.
+
+`#8 Dependency Security`
+Current state:
+- Budget dependency audit is clean.
+- `.gitea/workflows/security.yml` exists.
+
+What remains:
+- Review the workflow for correctness and realism.
+- Tighten the workflow if needed so repo-side enforcement is actually meaningful.
+- Verify whether secret scanning and dependency checks cover the important paths.
+- Do not mark this issue complete if a Gitea Actions runner is still required for execution.
+- Clearly separate "repo-side complete" from "operationally active".
+
+Acceptance bar:
+- Workflow file is committed and sane.
+- Remaining runner dependency is clearly documented.
+- Issue remains partial or blocked if execution infrastructure is missing.
+
+`#9 Performance Hardening`
+Current state:
+- Gateway dashboard response is cached.
+- Budget summary is cached.
+- Inventory `/issues` and `/needs-review-count` no longer full-scan all rows.
+
+What remains:
+- Re-check inventory endpoints for any other repeated full-table fetches.
+- Re-check budget endpoints for repeated account fan-out, especially `/transactions/recent`.
+- If Actual Budget API forces per-account queries, document that constraint explicitly.
+- Prefer targeted improvements such as short-TTL caching, narrower query windows, or reused lookups over broad refactors.
+- Do not mark this issue complete unless the remaining hot paths are either fixed or clearly bounded and documented.
+
+Acceptance bar:
+- The worst remaining repeated-scan or repeated-fan-out paths are either reduced or documented with clear justification.
+- Final status does not overstate completion.
+
+Instructions:
+- Make minimal, production-oriented fixes.
+- Preserve unrelated user changes.
+- After each issue-sized change:
+ - verify it with direct checks
+ - comment on the relevant Gitea issue with:
+ - what changed
+ - files touched
+ - verification performed
+ - what remains
+- Do not close `#5`, `#8`, or `#9` unless the actual code and behavior support it.
+- If an issue is still partial, say so directly.
+- Avoid renaming something and then claiming the underlying architectural concern is solved.
+
+Manual ops note:
+- Admin password rotation is intentionally deferred.
+- If referenced, mark it exactly as: `LAST STEP: rotate admin password after all remaining fixes are complete and verified.`
+
+Final output format:
+- `Completed:`
+- `Partial:`
+- `Blocked:`
+- `Manual ops actions:`
diff --git a/frontend-v2/src/lib/components/layout/MobileTabBar.svelte b/frontend-v2/src/lib/components/layout/MobileTabBar.svelte
index 47cc154..d63a833 100644
--- a/frontend-v2/src/lib/components/layout/MobileTabBar.svelte
+++ b/frontend-v2/src/lib/components/layout/MobileTabBar.svelte
@@ -2,6 +2,15 @@
import { page } from '$app/state';
import { LayoutDashboard, DollarSign, Package, Activity, MoreVertical, MapPin, BookOpen, Library, Settings } from '@lucide/svelte';
+ interface Props {
+ visibleApps?: string[];
+ }
+ let { visibleApps = ['trips', 'fitness', 'inventory', 'budget', 'reader', 'media'] }: Props = $props();
+
+ function showApp(id: string): boolean {
+ return visibleApps.includes(id);
+ }
+
let moreOpen = $state(false);
function isActive(path: string): boolean {
@@ -20,18 +29,24 @@
Dashboard
-
-
- Budget
-
-
-
- Inventory
-
-
-
- Fitness
-
+ {#if showApp('budget')}
+
+
+ Budget
+
+ {/if}
+ {#if showApp('inventory')}
+
+
+ Inventory
+
+ {/if}
+ {#if showApp('fitness')}
+
+
+ Fitness
+
+ {/if}