Security

How Archon protects your agents, data, and infrastructure.

API Key Hashing

Keys are SHA-256 hashed before storage. Plain-text keys are shown once at creation and never stored or retrievable. This is the same pattern used by Stripe, GitHub, and AWS.

Default-Deny Policy

Every tool call is blocked unless explicitly allowed. The security policy engine evaluates tool name, arguments, and size limits before execution.

Subprocess Sandbox

Tool execution runs in isolated subprocesses with configurable timeouts and output size limits. No tool code runs in the main agent process.

Output Sanitization

Seven-category sanitizer detects and strips: instruction override, role hijack, prompt extraction, data exfiltration, delimiter injection, encoded payloads, and embedded instructions.

Per-User Data Isolation

All database queries are scoped to the authenticated user via ctx.auth.getUserIdentity(). No user can access another user's traces, keys, or settings.

Immutable Audit Trail

Every action is recorded as an immutable event. Audit logs survive GDPR erasure requests. Full replay capability for incident investigation.

Report a Vulnerability

If you discover a security vulnerability, please report it responsibly. Do not open a public GitHub issue.

Email: hello@yashbogam.me

We aim to acknowledge reports within 24 hours and provide a fix within 7 days for critical issues.