diff --git a/docs/AUDIT_REDESIGN.md b/docs/AUDIT_REDESIGN.md index e5f2661..e6a9f58 100644 --- a/docs/AUDIT_REDESIGN.md +++ b/docs/AUDIT_REDESIGN.md @@ -47,7 +47,7 @@ Status: โฌœ open ยท ๐ŸŸฆ in PR ยท โœ… fixed (commit hash on the right). | C4 | `/api/news` passes `symbols` through to Alpaca without validation. | ๐ŸŸก | โœ… | 7c4b08c | | C5 | Header `fetchMarketIndices` polls every 60 s even when the tab is hidden. Should pause via `document.visibilityState`. | ๐ŸŸก | โœ… | e089832 | | C6 | `backend/.env.example` keeps `FMP_API_KEY=demo` AND `apiServer.ts` falls back to `'demo'`. Two sources of truth. Demo key is shared globally and rate-limited. | ๐ŸŸก | โœ… | 1377bf2 | -| C7 | FMP `apikey` is sent as a query string โ†’ leaks into proxy / CDN logs. FMP doesn't support headers, so the only mitigation is server-side caching (see C2). | ๐ŸŸก | โฌœ | | +| C7 | FMP `apikey` is sent as a query string โ†’ leaks into proxy / CDN logs. FMP doesn't support headers, so the only mitigation is server-side caching (see C2). | ๐ŸŸก | โœ… | e2e189e | ## D. UX / UI polish diff --git a/docs/COMPLETION_CHECKLIST.md b/docs/COMPLETION_CHECKLIST.md index 89c20f7..09c4b59 100644 --- a/docs/COMPLETION_CHECKLIST.md +++ b/docs/COMPLETION_CHECKLIST.md @@ -361,7 +361,7 @@ Expected platform result: missing `FMP_API_KEY` behaves. Prefer explicit missing-key failure for production and documented demo-only local behavior. -- [ ] `C7` Mitigate FMP key exposure. +- [x] `C7` Mitigate FMP key exposure. Implementation: `e2e189e`. Acceptance: cache from `C2` is in place, logs avoid printing full FMP URLs with `apikey`, and docs explain that FMP requires query-string auth.
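Review bot: In the `docs/AUDIT_REDESIGN.md` hunk the C7 row flips to ✅ with commit `e2e189e`, but its description still reads "the only mitigation is server-side caching (see C2)", which no longer matches the fix the checklist hunk describes (cache from C2 plus log lines that avoid printing full FMP URLs containing `apikey`, plus docs). Suggest updating the row text so the table says what was actually done, e.g. "Mitigated: responses cached server-side (C2) and `apikey` stripped from logged FMP URLs; FMP only supports query-string auth, so the key still traverses the wire." Also, since C7's fix depends on C2 and the C2 row is not in this hunk, please confirm C2 is already marked fixed before this status change lands; otherwise C7 is shown as closed while its prerequisite is still open.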
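Review bot: In the `docs/COMPLETION_CHECKLIST.md` hunk the C7 box is ticked and `Implementation: e2e189e` is recorded, but the three acceptance criteria on the following line (C2 cache in place, logs avoid printing full FMP URLs with `apikey`, docs explain FMP's query-string auth) are left as a plan rather than a record of verification. Suggest adding a short "Verified:" note after the acceptance sentence naming where each criterion is satisfied, e.g. which logging call site or URL-redaction helper in `e2e189e` drops `apikey`, and which doc section covers the query-string requirement, so a later reader can check the closure without reopening the commit. The unchanged context above ("Prefer explicit missing-key failure for production ...") still reads as open guidance; if that belongs to a different item it is fine, but worth a glance that it is not part of C7's acceptance.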