Data Protection
Encryption in Transit
All data transmitted between your browser and CREAO servers is encrypted using TLS 1.2+. API calls to third-party LLM providers are also encrypted in transit.
Encryption at Rest
All stored data — including conversations, files, memories, and secrets — is encrypted at rest using AES-256 encryption.
Sandbox Isolation
Every chat thread and agent run executes in its own isolated Linux sandbox. Sandboxes are ephemeral, network-isolated from other tenants, and destroyed after use. This isolation is designed to prevent cross-tenant data leakage.
Secret Management
API keys and credentials stored as Secrets are encrypted at rest and managed via a dedicated secrets store. They are injected into sandboxes as environment variables at runtime and never logged or persisted in plain text.
Infrastructure & Controls
Infrastructure
CREAO is hosted on AWS with network-isolated infrastructure, web application firewall protection, and DDoS mitigation.
Access Controls
Internal access follows the principle of least privilege. Production systems require MFA and are audited. No engineer has standing access to production databases — access is provisioned on-demand with time-bound sessions.
Audit Logging
All administrative actions are logged in an immutable audit trail. Logs include the actor, action, target resource, and timestamp. Audit logs are retained for 90 days.
Vulnerability Management
We run automated security scans daily covering dependency vulnerabilities, secret detection, and infrastructure configuration. Critical vulnerabilities are triaged and patched within 24 hours.
Connector Security
Connectors provide scoped access to third-party systems. See Skills and Connectors for the full feature overview.
- Connector tools run only for authenticated users with active connections.
- Input validation and tool allowlists are applied before execution.
- Connection metadata exposed in product responses is sanitized.
- Disconnect/delete operations invalidate connector use from CREAO.
Connector auth model
- You initiate a connector connection.
- You approve provider permissions (OAuth scopes or API key access).
- CREAO stores connection metadata required to execute connector tools for your account.
- You can disconnect or remove a connector at any time.
Skill Security
Skills are instruction packages that shape agent behavior — they do not, by themselves, grant external access. See Skills and Connectors for the full feature overview.
Safety boundaries and controls
- Sandbox isolation: Skill-driven code execution occurs in isolated runtime environments.
- Connector gating: Skill prompts cannot use connector actions without valid active connector auth.
- Secret controls: Secrets remain managed via runtime injection patterns and are not expected to appear in normal response payloads.
- Validation and guardrails: Tool invocation and platform-side checks constrain execution paths.
Sensitive-domain guidance
Some official skills cover regulated or high-impact topics (for example: medical, legal/privacy, or financial analysis). For those categories:
- Outputs are informational and should be reviewed by qualified professionals.
- Users should validate conclusions before making legal, medical, financial, or compliance decisions.
- Organizations should define internal approval flows for high-risk outputs.
Built-in vs custom skills
| Type | Source | Security posture |
|---|---|---|
| Official built-in skills | Curated and shipped by CREAO | Governed by platform controls and release process |
| Custom skills | Installed or authored by users | Treated as user-controlled instructions; review before enabling |