We operate under a conservative data-handling posture. Treat prompts and outputs as sensitive by default, and avoid unnecessary data retention.
Data Handling Rules
- Redact PII before logging; any capture beyond that is opt-in and limited to debug sessions.
- Use allowlists for tools and APIs available to agents.
- Encrypt secrets end-to-end; never commit tokens.
Threat Model
- Prompt injection: treat model output as untrusted; constrain which tools the agent may call and validate every tool argument strictly.
- Data exfiltration: outbound network calls are filtered and audited.
- Model supply chain: pin versions of provider SDKs and verify their attestations before use.
Expectations for Engineers
- Default to least privilege for services and feature flags.
- Route all model access through approved gateways.
- Engage Security Engineering for novel data flows or third-party tools.
Reminder
Do not paste production data into third-party playgrounds. Use our internal sandbox with redaction enabled.