cyberark / secretless-broker

Secure your apps by making them Secretless
Apache License 2.0

Stories should have acceptance criteria for security #546

Open doodlesbykumbi opened 5 years ago

doodlesbykumbi commented 5 years ago

Perhaps the PR template can have a section to flag this for attention. The upshot is dedicated consideration of potential security flaws.

Here's an example for a UI:

Given an unauthenticated user, when they try to view a profile, then they are redirected to login

If this test was failing it would be problematic.

izgeri commented 5 years ago

@doodlesbykumbi can you add more detail about your vision for this in this repo? I'm not sure I follow from your UI example.

Also, removing the tech-debt label in favor of enhancement