Security

ClankTeam implements a defense-in-depth security model. Your data and operations are protected by multiple independent systems that overlap, so a failure in one doesn't compromise the whole.

Tenant Isolation

Each organization runs in its own dedicated process with its own secrets, audit logs, and configuration. There is no shared state between organizations. One tenant can never access another's data.

Human-in-the-Loop Approvals

Agents must get explicit human approval before taking sensitive actions. When an agent tries to do something gated (like sending an email to a client or processing a payment), execution is blocked until you review and approve. See Approvals.

Permissions and Access Control

Agents have zero access by default. Every service, every action, and every piece of data must be explicitly granted through Abilities. You control not just what services agents can use, but what specific actions they can take within each service, and whether those actions require your approval.

Users within an organization have role-based access:

  • Owner: Full access to everything
  • Admin: Manage agents, abilities, credentials, and triggers
  • Member: Interact with agents and view results
  • Viewer: Read-only access

Credential Security

Your API keys, OAuth tokens, and passwords are stored in an encrypted vault. They're never written to config files in plain text. Agents access services through credentials without ever seeing the underlying keys.

At runtime, credential values are wiped from memory immediately after use. They don't linger in logs, crash dumps, or process memory.

Each organization's credentials are fully isolated from every other organization's.

Tamper-Evident Audit Trail

Every security-critical action is logged to a chain where each entry is cryptographically linked to the one before it. If anyone tries to modify or delete a record, the chain breaks and the tampering is detectable.

The audit trail records: what happened, which agent did it, when, and the outcome. For approvals, it also records who approved or rejected and why.

Agent Sandboxing

Agents execute in isolated sandboxes. A misbehaving agent can't access files, network resources, or memory outside its allowed scope. Two independent metering systems prevent runaway agents from consuming unlimited CPU or running forever.

Network Protection

Outbound network requests from agents pass through multiple independent layers of checks. Agents can't reach internal infrastructure, cloud metadata endpoints, or private network ranges. DNS rebinding attacks are blocked by validating the IP addresses a hostname actually resolves to, not just the hostname itself.
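The resolved-address check described above, shown as an added illustration that is not ClankTeam's own code: the hostname is resolved, the request is refused if any returned address falls in a blocked range, and the caller is handed one vetted IP to connect to so a later re-resolution cannot rebind the name. The blocked-range list and the pluggable resolver are assumptions made for this example.

```python
import ipaddress
import socket
from typing import Callable, Iterable

# Ranges an agent must never reach: loopback, RFC 1918 private space,
# link-local (which contains the 169.254.169.254 cloud metadata endpoint),
# carrier-grade NAT, "this network", and the IPv6 loopback/ULA/link-local
# equivalents. Assumed list for this example, not ClankTeam's own.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "100.64.0.0/10", "0.0.0.0/8",
    "::1/128", "fc00::/7", "fe80::/10",
)]

Resolver = Callable[[str], Iterable[str]]


def system_resolver(hostname: str) -> list[str]:
    """Resolve a hostname to every address the OS returns (A and AAAA)."""
    infos = socket.getaddrinfo(hostname, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def is_blocked_ip(ip: str) -> bool:
    """True if the literal address falls inside any blocked range."""
    addr = ipaddress.ip_address(ip)
    # IPv4-mapped IPv6 (::ffff:10.0.0.1) is judged by its embedded IPv4 address,
    # otherwise a private IPv4 target could slip past the IPv4 range list.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped:
        addr = addr.ipv4_mapped
    return any(addr in net for net in BLOCKED_NETWORKS)


def resolve_and_pin(hostname: str, resolver: Resolver = system_resolver) -> str:
    """Resolve hostname, refuse it if ANY answer is internal, and return one
    vetted address. The caller connects to that pinned IP (sending the hostname
    only in Host/SNI), so the DNS answer cannot change between check and use."""
    addrs = list(resolver(hostname))
    if not addrs:
        raise ValueError(f"{hostname}: no addresses resolved")
    for ip in addrs:
        if is_blocked_ip(ip):
            raise ValueError(f"{hostname}: resolves to blocked address {ip}")
    return addrs[0]
```

Rejecting the whole request when only one of several answers is internal matters: a rebinding name typically mixes a public address with a private one and relies on the client picking the private one on a later lookup.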

Prompt Injection Defense

Agent inputs are scanned for prompt injection patterns: attempts to override instructions, exfiltrate data, or hijack agent behavior. Downloaded content is verified against checksums before agents process it.

Rate Limiting

API requests are rate-limited per IP using a token-bucket algorithm. Different operations cost different amounts (routine checks are cheap, creating agents or running workflows costs more). This prevents abuse and ensures fair resource allocation.

What This All Means for You

You don't need to think about most of this. ClankTeam handles security so you can focus on your business. The short version:

  • Your agents can only do what you've allowed
  • Sensitive actions require your approval
  • Your data is isolated from every other organization
  • Every important action is logged and tamper-proof
  • Credentials are encrypted and never exposed