5a27b79b51
Add two early-exit checks in sovran-legacy-security-check before the legacy fallthrough block: 1. Exit if /var/lib/sovran/onboarding-complete exists (Hub onboarding done) 2. Exit if /var/lib/secrets/free-password exists and is not "free" (password changed) This prevents the boot-time service from overwriting the security-status file that /api/change-password clears after a successful password change. Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/c18311e4-609d-4edf-a2a1-a018baede373 Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>