feat: rate-limit crisis overlay to max once per 10 minutes

- Added 10-minute debounce timer to showOverlay()
- Subsequent escalations log event but don't re-show overlay
- Manual crisis resources bypass debounce via force=true
- User can still open crisis resources anytime via panel buttons

Fixes #100

index.html

@@ -825,6 +825,8 @@ Sovereignty and service always.`;
   var isStreaming = false;
   var overlayTimer = null;
   var crisisPanelShown = false;
+  var _lastOverlayShownTime = 0; // timestamp of last crisis overlay show
+  var OVERLAY_DEBOUNCE_MS = 10 * 60 * 1000; // 10 minutes
 
   // ===== SERVICE WORKER =====
   if ('serviceWorker' in navigator) {
@@ -1019,7 +1021,15 @@ Sovereignty and service always.`;
   // Store the element that had focus before the overlay opened
   var _preOverlayFocusElement = null;
 
-  function showOverlay() {
+  function showOverlay(force) {
+    // Rate-limit: max once per 10 minutes (unless forced)
+    var now = Date.now();
+    if (!force && (now - _lastOverlayShownTime) < OVERLAY_DEBOUNCE_MS) {
+      console.log('[crisis] overlay suppressed — shown ' + Math.round((now - _lastOverlayShownTime) / 1000) + 's ago');
+      return;
+    }
+    _lastOverlayShownTime = now;
+
     // Save current focus for restoration on dismiss
     _preOverlayFocusElement = document.activeElement;