Legal · Security

Security.

PromptRails is built with security as a first-class concern. Here's how we protect your data and integrations.

🔒

All stored credentials and secrets are encrypted with AES-256 at rest. Passwords are bcrypt-hashed. API keys are stored as one-way hashes.

🛡

All data in transit is encrypted with TLS 1.2+. API key IP allowlisting and CORS origin restrictions provide additional access control.

🔑

Fine-grained API key scopes, role-based workspace access (Owner / Admin / User), and human-in-the-loop approvals on sensitive operations.

◉

Full execution tracing, access logs, and audit trails. Monitor every API call, agent execution, and configuration change.

Responsible disclosure

If you discover a security vulnerability, please report it to security@promptrails.ai. We take all reports seriously and will respond promptly.