Security & Trust

This document answers common procurement and security review questions about AgentGuard. We're honest about what's shipped vs. planned — transparency builds trust faster than marketing.

Authentication & Access

| Area | Status | Details |
|---|---|---|
| User auth | Current | Clerk SSO with secure session management |
| API key security | Current | SHA-256 hashed before storage, prefix-only display, soft-delete revocation |
| Password reset | Planned | Token-based email reset flow (upcoming) |
| API key rotation & expiry | Planned | Key rotation, expiry dates, last-used tracking (upcoming) |
| SSO / SAML | Planned | Enterprise SSO for Team tier (upcoming) |

Encryption

| Area | Status | Details |
|---|---|---|
| In transit | Current | TLS 1.3 enforced by Vercel (dashboard) and Supabase (database) |
| At rest | Current | AES-256 via Supabase Postgres transparent encryption |
| Secret handling | Current | API keys never stored raw. Service secrets in env vars. No secrets in logs. |

Data Handling & Privacy

| Area | Status | Details |
|---|---|---|
| Tenant isolation | Current | All queries scoped by team_id. No cross-tenant access possible. |
| Data retention | Current | Auto-cleanup cron per plan: 7d (Free), 30d (Pro), 90d (Team) |
| Data capture | Current | SDK never auto-captures prompts or responses. Only what you explicitly send. |
| On-demand deletion | Planned | DELETE API for GDPR right-to-erasure (upcoming) |

Team & Access Controls

| Area | Status | Details |
|---|---|---|
| Team ownership | Current | Single owner per team with full control |
| RBAC | Planned | Owner/admin/member roles with granular permissions (upcoming) |
| Audit logs | Planned | API key CRUD, team changes, plan changes (upcoming) |

Ingestion & Reliability

| Area | Status | Details |
|---|---|---|
| SDK transport | Current | HttpSink: batched, background thread, atexit flush. Failures logged, never crash. |
| Rate limiting | Current | 100 requests/min per IP on ingest. Quota enforcement per plan. |
| Gzip compression | Current | Client-side gzip for batched payloads, automatic Content-Encoding |
| Retry with backoff | Current | Exponential backoff on transient failures with idempotency keys |
| Backpressure | Current | 429 with Retry-After header, client-side backoff |
| SSRF protection | Current | IDN/Punycode validation, private IP blocking on all outbound URLs |
| Thread safety | Current | All guards and sinks are thread-safe with lock-based concurrency |

Supply Chain & Dependencies

| Area | Status | Details |
|---|---|---|
| SDK dependencies | Current | Zero runtime dependencies. Pure Python stdlib. One package to audit. |
| Open source | Current | MIT-licensed. Full source on GitHub. |
| Optional integrations | Current | LangChain integration uses try/except ImportError. Never required. |

Incident Response

| Area | Status | Details |
|---|---|---|
| Security contact | Current | pat@bmdpat.com — 48-hour response commitment |
| Status page | Planned | Public status page for ingest uptime (upcoming) |
| SLA | Planned | 99.9% ingest uptime target (documented, contractual SLA upcoming) |

Questions?

For security inquiries: pat@bmdpat.com

For general questions: GitHub Issues

Last updated: February 2026 (v1.2.0)