Legal

Security

How we protect the platform: least-privilege access, audited admin controls, signed webhooks, and agent governance.

Last updated July 15, 2026 · Operate, Inc.

This document is a template that reflects how the product works today. It is not legal advice. Have qualified counsel review and adapt it before relying on it in production.

Security is built into how the platform works, not bolted on. This page summarizes the controls that protect your data and the agents that act on your behalf. For our processing commitments, see the Privacy Policy and Data Processing Addendum.

Authorization

Every read and write resolves up the resource hierarchy and confirms access against a single centralized authorization layer, for humans and agents alike. Agents share the same code paths as humans, so a permission that applies to a person applies identically to an agent.

Agent governance

Agents are first-class principals with scoped API keys stored only as salted hashes. Each agent has a role, optional list restrictions, a per-day action budget, a burst limit, and optional human approval gates. Agents can raise an approval gate but never lower one, and cannot complete a gated task until a human approves.

Administrative controls (SOC 2 aligned)

Platform administration is governed by an environment-allowlist root of trust with scoped superadmin and support tiers. There is no in-app self-escalation path. Every administrative mutation and every break-glass content read writes an append-only audit-log entry. Account holds are enforced everywhere, including against administrators themselves, so a hold actually contains a compromised principal.

Outbound integrity

Outbound webhooks and agent notifications are signed with HMAC-SHA256, retried with backoff, and auto-disabled after repeated failures. All outbound URLs pass a server-side guard that refuses private and loopback addresses to prevent server-side request forgery.

Payment security

x402 payments are verified and settled through a facilitator; the platform never holds the private keys agents use to sign. Payment authorizations are single-use and validated before credits are granted, preventing replay.

Reporting a vulnerability

We welcome coordinated disclosure. Report suspected vulnerabilities to security@operate.to with enough detail to reproduce the issue. Please do not access data that is not yours, and give us reasonable time to remediate before public disclosure.