Read-only architecture
Costframe requests provider read roles for customer cloud analysis. Public copy must not imply that Costframe can deploy, resize, delete, or mutate customer resources.
Proof: Provider data enters through read-only clients and becomes org-scoped evidence.