Pre-Authenticated Cookie Name:
It says "the cookie is compressed and finally signed". In fact the Agent doesn't sign (as of 5.8) as this was deemed to be a security risk, allowing hackers to break the Agent password offline.
Not enforced properties:
A very lengthy discussion of how "not enforced" rules work is embedded in the first property related to not enforced rules. This should be pulled out into a separate section and then cross referenced in the discussion of each not enforced property. Perhaps this discussion should cross reference the properties also.
Continuous security headers:
Similarly to the "not enforced" stuff, there is a lengthy description of how continuous security works embedded in the discussion of the continuous security header property. I can't help thinking this should be elsewhere too.