Security

An agent that touches your inbox, your CRM, and your spreadsheets needs to handle credentials like a payments system. Here is how we do it.

Credential isolation

Every operator brings their own credentials. Tokens and API keys are encrypted at rest with envelope encryption, scoped to the user, and never shared across workspaces. OAuth uses short-lived access tokens with refresh rotation. Revoking a connection invalidates the next run immediately.

Runtime isolation

Agent runs execute in isolated workers. Credentials are decrypted into the worker, used for the tool call, and disposed of immediately. Logs and event streams never contain plaintext credentials.

Data residency

Production data is stored in encrypted Postgres in US regions. Enterprise customers can request EU residency.

Transport security

TLS 1.2 or higher on every endpoint. HSTS enabled. No HTTP fallback for authenticated traffic.

Audit and logging

Pro and Enterprise workspaces get an audit log of agent changes, run starts, and credential connections. Enterprise extends retention.

Access controls

Per-workspace roles (owner, admin, member). SAML SSO available on Enterprise. Per-agent webhook URLs use unguessable signed tokens.

Spend safety

Every workspace has a daily cost ceiling. When reached, new runs are paused rather than charged. A runaway loop cannot drain your card.

Compliance roadmap

SOC 2 Type 1 is in progress. DPA available for Pro and Enterprise. Sub-processor list maintained at /legal/sub-processors.

Reporting a vulnerability

Use our security contact form with reproduction steps. We respond within one business day.