Tenant isolation
- Every tenant table is protected by Postgres row-level security keyed to organization membership — one policy layer enforced by the database itself, not just application code.
- Agent knowledge, transcripts, outputs, and usage records are scoped to your organization and unreadable by any other tenant.
Secrets handling
- Connection credentials (Slack/Discord webhooks, GitHub/Notion tokens…) live in a table with no client-readable access path — only our server-side service role can read them, and our APIs never return a stored secret.
- Connections are verified with a live API call before saving, and re-checked on every delivery.
- Platform secrets are environment-scoped and never shipped to the browser.
Abuse & egress protection
- Customer-supplied URLs (site scans, custom webhooks) pass an egress guard that blocks private networks, loopback, link-local, and cloud-metadata addresses — checked when saved and on every send.
- Public widget endpoints use unguessable per-agent keys, are disabled by default, and are rate-limited per agent.
- Org-level burst limits and monthly budgets cap every model call path.
Billing integrity
- Stripe webhooks are signature-verified and idempotent — replayed events can’t double-apply.
- Card data never touches our servers.
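How the signature check and the idempotency key fit together, as an added example in TypeScript (not hiredhands.dev's code and not Stripe's SDK): the `Stripe-Signature` header carries a timestamp and one or more HMAC-SHA256 values computed over `<timestamp>.<raw body>`; the handler recomputes that MAC with the endpoint secret, compares in constant time, rejects events outside a tolerance window, and then applies each event id at most once. The secret, the event body and the in-memory processed-event store are constructed for the example; in production the store is a table with a unique index on the event id, and Stripe's official SDK performs the same verification via `stripe.webhooks.constructEvent`.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

// Added example (not hiredhands.dev code). Assumes the raw request body is available
// unmodified (the signature covers the exact bytes Stripe sent), that the current time is
// injected for testability, and that ProcessedEvents stands in for a unique-indexed table.

/** Stripe signs "<timestamp>.<raw body>" with the endpoint's whsec_ secret, hex-encoded. */
export function stripeSignature(secret: string, timestamp: number, rawBody: string): string {
  return createHmac("sha256", secret).update(`${timestamp}.${rawBody}`).digest("hex");
}

/** Verify a "t=<ts>,v1=<hex>[,v1=<hex>...]" header within a replay tolerance window. */
export function verifyStripeSignature(rawBody: string, header: string, secret: string, nowSec: number, toleranceSec = 300): boolean {
  let timestamp: number | undefined;
  const candidates: Buffer[] = [];
  for (const part of header.split(",")) {
    const i = part.indexOf("=");
    if (i < 0) continue;
    const key = part.slice(0, i).trim(), value = part.slice(i + 1).trim();
    if (key === "t") timestamp = Number(value);
    else if (key === "v1") candidates.push(Buffer.from(value, "hex")); // several v1 values during secret rotation
  }
  if (timestamp === undefined || !Number.isFinite(timestamp) || candidates.length === 0) return false;
  if (Math.abs(nowSec - timestamp) > toleranceSec) return false;       // stale or future-dated: replay defence
  const expected = Buffer.from(stripeSignature(secret, timestamp, rawBody), "hex");
  return candidates.some((c) => c.length === expected.length && timingSafeEqual(c, expected));
}

export interface ProcessedEvents { has(id: string): boolean; add(id: string): void; }
export type StripeEvent = { id: string; type: string; data: { object: Record<string, unknown> } };

/** Verify first, then apply at most once per event id. */
export function handleStripeWebhook(
  rawBody: string, header: string, secret: string, nowSec: number,
  store: ProcessedEvents, apply: (e: StripeEvent) => void,
): "rejected" | "duplicate" | "applied" {
  if (!verifyStripeSignature(rawBody, header, secret, nowSec)) return "rejected";
  const event = JSON.parse(rawBody) as StripeEvent;                   // parse only after the MAC checks out
  if (store.has(event.id)) return "duplicate";
  // In the database, inserting event.id (unique index) and the billing effect share one transaction,
  // so a crash between them cannot leave the event marked processed without its effect, or the reverse.
  store.add(event.id);
  apply(event);
  return "applied";
}

/** Constructed sample, not a real Stripe event: a paid invoice signed with a throwaway secret. */
export const SAMPLE_SECRET = "whsec_example_only";
export const SAMPLE_TS = 1700000000;
export const SAMPLE_BODY = JSON.stringify({
  id: "evt_sample_001", type: "invoice.paid",
  data: { object: { amount_paid: 2000, customer: "cus_sample" } },
});
export const SAMPLE_HEADER = `t=${SAMPLE_TS},v1=${stripeSignature(SAMPLE_SECRET, SAMPLE_TS, SAMPLE_BODY)}`;

/** Deliver the sample event four ways and report what happened to the billing side effect. */
export function demo(): { outcomes: string[]; credited: string[] } {
  const seen = new Set<string>();
  const store: ProcessedEvents = { has: (id) => seen.has(id), add: (id) => { seen.add(id); } };
  const credited: string[] = [];
  const apply = (e: StripeEvent) => { credited.push(e.id); };
  const outcomes = [
    handleStripeWebhook(SAMPLE_BODY, SAMPLE_HEADER, SAMPLE_SECRET, SAMPLE_TS + 10, store, apply),   // genuine delivery
    handleStripeWebhook(SAMPLE_BODY, SAMPLE_HEADER, SAMPLE_SECRET, SAMPLE_TS + 20, store, apply),   // exact replay
    handleStripeWebhook(SAMPLE_BODY.replace("2000", "9000"), SAMPLE_HEADER, SAMPLE_SECRET, SAMPLE_TS + 30, store, apply), // tampered body
    handleStripeWebhook(SAMPLE_BODY, SAMPLE_HEADER, SAMPLE_SECRET, SAMPLE_TS + 3600, store, apply), // outside tolerance
  ];
  return { outcomes, credited };
}
```

The raw body has to be read before any JSON body parser touches the request, since re-serialised JSON will not match the bytes Stripe signed; and the tolerance window only bounds how long a captured delivery stays replayable, which is why the processed-event record is still needed.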
Auditability
- Widget conversations are stored as transcripts your team can review.
- Every escalation, draft, and captured lead lands in a review queue with status history.
- Every model call is metered with tokens, model, and timestamp.
Infrastructure
- Hosted on Vercel (application) and Supabase on AWS us-east-1 (database, auth, vector search).
- TLS for all traffic in transit; encryption at rest for stored data; point-in-time database recovery.
- Model calls go to OpenAI’s API, which by default does not use API inputs and outputs to train its models.
- Health monitoring endpoints and structured failure handling — a failing dependency degrades gracefully rather than exposing errors to your customers.
On the roadmap
- SSO/SAML and audit-log export for enterprise plans.
- Bring-your-own-key model access.
- SOC 2 program as we grow — the controls above are designed with that path in mind.
Responsible disclosure
Found a vulnerability? Email security@hiredhands.dev. We respond within 48 hours, and we won’t pursue action against good-faith research that respects user data and service availability.