Security
Security is core to automaintainer: we run autonomous agents against your code, so containment and least-privilege are first-class concerns.
Repository access
- Agents act using the GitHub token you provide, scoped to the repositories you authorize.
- Changes land as pull requests by default — you stay in control of what merges. Auto-merge is opt-in per repository.
Run isolation
- Each run executes in its own isolated git worktree on a worker, keyed per run so concurrent runs never share working files.
- Workers authenticate to the panel over a token-gated WebSocket. On paid plans you can run your own workers so code is processed on infrastructure you control.
Secret handling
- Secret values are never written to logs, pull-request bodies, or agent messages.
- Bring-your-own-keys (BYOK): your AI provider keys live on your own worker machine, configured in the harness. automaintainer never receives, stores, or proxies your model-provider keys.
- Production secrets can be sourced from a dedicated, encrypted secrets manager (AES-256-GCM, per-key access, device-fingerprint whitelisting) instead of plaintext environment files — so neither operators nor agents can bulk-dump them.
- Payment data is handled by Stripe; we never store card details.
Data in transit & at rest
- Traffic to the panel is served over HTTPS/WSS.
- Authentication uses a signed session token; passwords are hashed.
Responsible disclosure
If you believe you've found a vulnerability, please email contact.automaintainer@protonmail.com with details. We appreciate coordinated disclosure and will respond promptly.