Security

Amistio coordinates work through a backend service and a paired local runner. The runner executes approved jobs on the user's machine so local development tools and repositories stay under user control.

This model is intended to make execution boundaries clear and keep sensitive local tooling decisions close to the operator.

Web user authentication is handled through Clerk and may include Google Sign-In. Runner pairing uses short-lived device flows and scoped tokens so local bridges can claim work without using web session credentials.

Users should remove unused runners and rotate credentials if a device or workspace may have been exposed.

Amistio is designed to make generated plans, execution status, logs, and review steps visible before important actions land.

Users are responsible for reviewing code changes, command output, dependencies, and deployment impact before approving work.

Do not paste secrets, private keys, production credentials, or regulated data into prompts, plans, documents, or support channels unless your workspace has been explicitly configured for that handling.

Provider API keys and local tool credentials should be managed through the intended provider or workspace configuration rather than committed to source code.

If you believe you have found a security issue, report it privately through the support or security contact provided by the Amistio team. Include enough detail to reproduce the issue without exposing unrelated user or workspace data.