Security model guide

How ROST protects tenant data, credentials, tool calls, and human decisions across web, MCP, CLI, and agents.

ROST is built around tenant isolation, seat-scoped authority, vault-backed credentials, server-side tool guards, and human approval for durable decisions.

Security principles

  • Tenant data stays tenant-scoped.
  • Seats own work; people and agents occupy seats.
  • Credentials are vault references, never raw secrets in prompts or logs.
  • Tool calls are checked server-side and audited.
  • Agents recommend and draft; humans approve durable decisions.
  • Accepted knowledge changes by supersession, not silent mutation.

Agent guidance

Never infer permission from the user's wording or a locally available tool. Check the Charter, manifest, and server response. When in doubt, escalate with the evidence and the narrow question a human must decide.
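
The server-side check that the principles and the agent guidance above rely on, sketched as an added example; it is not ROST's own code. The `Seat` and `ToolCall` types, the `guard` function, and the `vault://` reference syntax are all assumptions made for illustration.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Assumed reference syntax; the page does not say how vault references look.
VAULT_REF = re.compile(r"vault://[A-Za-z0-9_/-]+")

@dataclass(frozen=True)
class Seat:                      # hypothetical: the authority an occupant acts under
    tenant: str
    name: str
    allowed_tools: frozenset

@dataclass(frozen=True)
class ToolCall:                  # hypothetical request shape
    tenant: str                  # tenant that owns the target data
    tool: str
    credential: str              # expected to be a vault reference
    durable: bool = False        # True if the call commits a durable decision
    approved_by: Optional[str] = None  # human approver, if any

def guard(seat: Seat, call: ToolCall, audit: list) -> tuple:
    """Decide allow / deny / escalate on the server and audit every outcome."""
    is_ref = VAULT_REF.fullmatch(call.credential) is not None
    if call.tenant != seat.tenant:
        decision = ("deny", "target belongs to another tenant")
    elif call.tool not in seat.allowed_tools:
        decision = ("deny", "tool is outside the seat's authority")
    elif not is_ref:
        decision = ("deny", "credential must be a vault reference")
    elif call.durable and call.approved_by is None:
        decision = ("escalate", "durable decision needs human approval")
    else:
        decision = ("allow", "ok")
    audit.append({
        "seat": seat.name, "tenant": seat.tenant, "tool": call.tool,
        # Log the reference only; anything else may be a raw secret.
        "credential": call.credential if is_ref else "[REDACTED]",
        "decision": decision[0], "reason": decision[1],
    })
    return decision

if __name__ == "__main__":
    log = []  # constructed sample seat and call below
    seat = Seat("acme", "ops-lead", frozenset({"crm.read", "policy.publish"}))
    print(guard(seat, ToolCall("acme", "policy.publish", "vault://acme/crm", durable=True), log))
    print(log[-1])
```

An agent that receives `escalate` stops and passes the reason to a human instead of retrying with different wording or another tool.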