Security isn't a feature.
It's the foundation.
You're trusting AI with invoices, payroll, and bank accounts. That trust has to be earned through architecture, not promises. Here's how we build it.
Six layers of protection.
Zero shortcuts.
Row-Level Security
Every database table enforces RLS. Users can only access their own data. No exceptions, no admin backdoors.
Encrypted Credentials
OAuth tokens and API keys are encrypted at rest. Migration to Supabase Vault for hardware-level isolation is in progress.
Append-Only Audit Trail
Every agent decision, every action, every exception is logged immutably. No UPDATE, no DELETE on the audit table. Full state snapshots preserved.
Constitutional Governance
AI agents operate within explicit, versioned constraints. Every decision cites which constitutional rules it followed. Humans approve anything outside bounds.
Confidence Gating
Agents must meet confidence thresholds before acting autonomously. Low-confidence decisions escalate to the founder. Irreversible actions always require approval.
Infrastructure
Hosted on Vercel with automatic HTTPS, DDoS protection, and edge networking. Database on Supabase with automated backups, point-in-time recovery, and SOC 2 Type II compliance.
How the agent loop stays safe.
Every agent decision passes through four stages. The critical safety gate at step three ensures no action executes without meeting your confidence and approval requirements.
1. Read-only data access. Agents query your connected systems — bank balances, invoices, campaigns — without write permissions.
2. AI reasoning with constitutional citations. Every recommendation references the specific rules and constraints it evaluated against.
3. Confidence check + escalation rules. If confidence is below threshold or the action is irreversible, execution is blocked. The decision escalates to you.
4. Only if gate passes. The action is performed, logged with full context, and the audit trail is appended. Otherwise, it surfaces as an exception for human review.
When the gate blocks execution
The decision surfaces as an exception with full context: what the agent observed, what it recommends, which constitutional rules apply, and why confidence was insufficient. You decide in seconds. Your decision can update the constitution so the same class of exception never returns.
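The gate and logging stages described above, sketched in Python as an added example (not this product's code). The threshold value, the class and function names, and the rule that a decision citing no constitutional rule is blocked are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Callable

CONFIDENCE_THRESHOLD = 0.85  # assumed value; the page states no number

@dataclass(frozen=True)
class Decision:
    action: str
    confidence: float    # 0.0 to 1.0, produced by the reasoning stage
    irreversible: bool
    cited_rules: tuple   # ids of the constitutional rules the reasoning cited
    observed: dict       # state snapshot from the read-only stage

class AuditTrail:
    """In-memory stand-in for the audit table: append and read, nothing else."""
    def __init__(self):
        self._rows = []
    def append(self, row: dict) -> None:
        self._rows.append(dict(row))  # copy, so callers cannot alter history
    def rows(self) -> tuple:
        return tuple(dict(r) for r in self._rows)

def gate(d: Decision) -> list:
    """Reasons to block execution; an empty list means the gate passes."""
    reasons = []
    # Written so NaN or out-of-range confidence fails closed.
    if not (CONFIDENCE_THRESHOLD <= d.confidence <= 1.0):
        reasons.append("confidence missing, invalid or below threshold")
    if d.irreversible:
        reasons.append("irreversible action requires approval")
    if not d.cited_rules:  # assumption: an uncited decision is out of bounds
        reasons.append("no constitutional rule cited")
    return reasons

def run_step(d: Decision, execute: Callable[[Decision], None], audit: AuditTrail) -> str:
    """Stages three and four: gate, then execute or escalate; always log."""
    reasons = gate(d)
    status = "escalated" if reasons else "executed"
    try:
        if not reasons:
            execute(d)
    except Exception as exc:  # a failed action is recorded, not lost
        status, reasons = "failed", [repr(exc)]
    audit.append({"action": d.action, "status": status, "reasons": reasons,
                  "confidence": d.confidence, "cited_rules": list(d.cited_rules),
                  "snapshot": dict(d.observed)})
    return status
```

Every path through run_step ends in an audit append, so an escalated or failed decision leaves the same kind of record as an executed one.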
What we don't do.
Security is as much about what you refuse to do as what you build. These are non-negotiable.
We never store raw credentials in plaintext
We never let agents bypass constitutional constraints
We never delete audit records
We never make irreversible decisions without human approval