diff --git a/TODO.md b/TODO.md
index fd125d4..a1f5d59 100644
--- a/TODO.md
+++ b/TODO.md
@@ -164,8 +164,8 @@ A single linear checklist of tasks to implement the complete pixa caching image
 
 ## Security
 - [x] Implement path traversal prevention
-- [ ] Implement request sanitization
-- [ ] Implement response header sanitization
+- [x] Implement request sanitization
+- [x] Implement response header sanitization
 - [ ] Implement referer blacklist
 - [ ] Implement blocked networks configuration
 - [ ] Add rate limiting per-IP
@@ -195,7 +195,7 @@ A single linear checklist of tasks to implement the complete pixa caching image
 - [ ] Validate configuration on startup
 
 ## Operational
-- [ ] Implement graceful shutdown
+- [x] Implement graceful shutdown
 - [ ] Implement Sentry error reporting (optional)
 - [ ] Add comprehensive request logging
 - [ ] Add performance metrics (Prometheus)