Trust Center
Mission Control is built for enterprise-grade governance. This page summarizes our baseline security posture, data handling, and operational practices.
Data Protection
- • Supabase-authenticated sessions and row-level access patterns.
- • Principle of least privilege for service-role operations (server only).
- • Sensitive secrets never shipped to the browser (no SERVICE_ROLE in client).
Auditability
- • Agent runs designed to be traceable (inputs, tool calls, outputs).
- • Outcome artifacts intended to be durable and reviewable.
- • Environment validation prevents misconfigured production deployments.
Availability & Resilience
- • Vercel-first deployment model with preview isolation.
- • Defensive timeouts and rate limits to protect shared resources.
- • Clear degradation modes for demo and missing-provider configurations.
Privacy
- • Minimize stored personal data; prefer workspace-scoped identifiers.
- • OAuth sign-in via Supabase (Google/GitHub) with configurable redirect URLs.
- • Clear separation between analytics/telemetry and customer content.