Agent security model

The nullplatform agent runs inside your own infrastructure. This page covers the security guarantees nullplatform provides for the agent and what remains under your control as the operator.

How it connects

🔒 Nullplatform never initiates a connection into your environment — traffic flows outbound only, from your infrastructure to the platform.

Security guarantees

  • Encrypted and authenticated connection: All communication between the agent and the platform runs over WebSocket TLS. The agent authenticates before receiving any instruction.

  • No access to customer credentials: Nullplatform doesn't store or access your API keys or secrets. Credentials live entirely in your environment.

  • Execution scoped by design: The agent operates with a declared set of capabilities. Commands can only run from explicitly allowed paths. Path traversal, symlink attacks, and arbitrary execution are blocked at the agent code level.

  • Repository-bound execution: The agent configuration includes a fixed allowlist of repositories and branches. This list is immutable after the agent starts, so all executions happen exclusively from pre-approved code.

  • Authenticated and authorized commands: All commands sent to the agent API are authenticated and authorized by nullplatform over HTTPS. The agent receives structured commands and runs them only within the configured repositories, with protections against subshell injection and path manipulation.

  • IAM-bounded execution: The agent runs with the IAM roles you assign to it. It can only access the cloud resources those roles explicitly permit, which limits the blast radius of any executed action.
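The execution guardrails in the list above (an allowlist frozen at startup, scripts runnable only from inside an approved checkout, traversal and symlink escapes refused, arguments never handed to a shell) are easiest to understand as code. The following is an added illustration written for this page, not the nullplatform agent's own implementation: `AgentConfig`, the `<workspace>/<repo>/<branch>` checkout layout, the sample allowlist and the fixed `/bin/sh` interpreter are all assumptions made for the example.

```python
"""Illustrative agent guardrails (added example, not nullplatform's code)."""
import shutil
import subprocess
import tempfile
from dataclasses import dataclass
from pathlib import Path
from typing import Callable, FrozenSet, Tuple

# Constructed sample allowlist of (repository, branch) pairs. A frozenset has no
# add() method, which mirrors "immutable after the agent starts".
ALLOWED_REPOS: FrozenSet[Tuple[str, str]] = frozenset({
    ("github.com/example-org/payments", "main"),
    ("github.com/example-org/payments", "release/1.4"),
})


@dataclass(frozen=True)
class AgentConfig:
    """Hypothetical agent configuration; frozen so fields cannot be reassigned."""
    allowed_repos: FrozenSet[Tuple[str, str]]
    workspace_root: Path  # every checkout lives below this directory


def repo_allowed(cfg: AgentConfig, repo: str, branch: str) -> bool:
    """Repository-bound execution: only pre-approved repo/branch pairs may run."""
    return (repo, branch) in cfg.allowed_repos


def checkout_dir(cfg: AgentConfig, repo: str, branch: str) -> Path:
    """Assumed on-disk layout: <workspace>/<repo name>/<branch, '/' -> '__'>."""
    return cfg.workspace_root / Path(repo).name / branch.replace("/", "__")


def resolve_inside(root: Path, requested: str) -> Path:
    """Resolve `requested` under `root` and refuse anything that escapes.

    Path.resolve() follows symlinks, so a link inside the checkout that points
    elsewhere is rejected exactly like '../' traversal is.
    """
    root_real = root.resolve()
    candidate = (root_real / requested).resolve()
    try:
        candidate.relative_to(root_real)
    except ValueError:
        raise PermissionError(f"path escapes {root_real}: {requested}") from None
    return candidate


def run_script(cfg: AgentConfig, repo: str, branch: str,
               script: str, args: list) -> subprocess.CompletedProcess:
    """Run a script that lives inside an allowed checkout, without a shell."""
    if not repo_allowed(cfg, repo, branch):
        raise PermissionError(f"{repo}@{branch} is not in the allowlist")
    checkout = checkout_dir(cfg, repo, branch)
    script_path = resolve_inside(checkout, script)  # must stay inside the checkout
    # argv list + shell=False: each element of `args` reaches the script as one
    # positional parameter and is never parsed by a shell, so "v1; echo pwned"
    # stays a single literal string. The interpreter is fixed by the agent,
    # not taken from the incoming command.
    return subprocess.run(["/bin/sh", str(script_path), *args], cwd=checkout,
                          shell=False, capture_output=True, text=True, check=False)


def _blocked(action: Callable[[], object]) -> bool:
    """True if `action` is refused by one of the guardrails."""
    try:
        action()
    except (PermissionError, AttributeError):  # FrozenInstanceError is an AttributeError
        return True
    return False


def demo() -> dict:
    """Build a throwaway workspace and exercise every guardrail once."""
    tmp = Path(tempfile.mkdtemp())
    try:
        cfg = AgentConfig(ALLOWED_REPOS, tmp / "workspace")
        repo, branch = "github.com/example-org/payments", "main"
        checkout = checkout_dir(cfg, repo, branch)
        checkout.mkdir(parents=True)
        (checkout / "deploy.sh").write_text('#!/bin/sh\necho "deploying $1"\n')
        (tmp / "secret.txt").write_text("outside the workspace")  # constructed target
        (checkout / "escape").symlink_to(tmp)  # symlink pointing out of the checkout
        result = run_script(cfg, repo, branch, "deploy.sh", ["v1; echo pwned"])
        return {
            "allowed": repo_allowed(cfg, repo, branch),
            "unknown_branch_denied": not repo_allowed(cfg, repo, "feature/x"),
            "allowlist_immutable": _blocked(lambda: setattr(cfg, "allowed_repos", frozenset())),
            "traversal_blocked": _blocked(lambda: resolve_inside(checkout, "../../../etc/passwd")),
            "symlink_blocked": _blocked(lambda: resolve_inside(checkout, "escape/secret.txt")),
            "run_outside_allowlist_denied": _blocked(
                lambda: run_script(cfg, repo, "feature/x", "deploy.sh", [])),
            "stdout": result.stdout.strip(),
            "exit_code": result.returncode,
        }
    finally:
        shutil.rmtree(tmp)


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the injected `; echo pwned` arriving as part of one argument rather than as a second command, and the traversal, symlink and unknown-branch cases each raising `PermissionError` before anything executes. The real agent enforces equivalent checks in its own code; this sketch only makes the shape of those checks concrete.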

Auditability and control

You have full visibility into every action the agent takes within your infrastructure: commands executed, scripts run, and services accessed.

Certain actions, such as deployment executions, can be gated by approval workflows. The agent won't proceed until the required approval is granted, giving teams an additional governance layer over sensitive operations.

💡 Tip: You can deploy multiple agents simultaneously, one per namespace, application, or team, for granular access control and per-environment isolation.

Responsibilities at a glance

Nullplatform handles security of the platform. You handle security in your infrastructure.

Nullplatform guarantees (responsibility for security of the agent)

  • Transport: TLS transport with agent authentication

  • Identity & access: Command authentication and authorization over HTTPS

  • Secrets & credentials: Zero retention of customer credentials

  • Execution boundary: Execution guardrails enforced in agent code

  • Source allowlist: Immutable repository allowlist at agent startup

  • Distribution: Versioned agent image via Docker Registry

  • Resilience: Reconnection with retry and backoff

You manage (responsibility for security in your infra)

  • Identity & access: IAM permissions following least-privilege

  • Secrets & credentials: Secrets and API keys in your vault or Kubernetes Secrets

  • Rotation & auditing: Credential rotation and access auditing

  • Observability: Audit logs and observability of agent actions

Next steps