Security

Security-first by design

StackAgent AI is architected so that the safest path is the default path. You stay in control at every step.

PR-only workflow

Active

StackAgent AI never pushes directly to your main or production branches. Every code change is proposed as a pull request that you review, test with CI, and merge on your own terms. This is the foundational safety guarantee.

No production credentials required

Active

To generate refactor PRs, StackAgent needs only read access to your repository and metadata about your cloud services. It does not require production database credentials, admin keys, or root access to any service.

Encrypted secrets

Planned

When real integrations are enabled, all credentials will be encrypted at rest (AES-256) and in transit (TLS 1.3). Secrets are scoped to the minimum required permissions and rotated regularly.

Ephemeral workers

Planned

Refactor execution happens in ephemeral, isolated containers that spin up for each phase and are destroyed after completion. No persistent compute has access to your code or credentials between runs.

Audit logs

Planned

Every action StackAgent takes — from scanning a repo to opening a PR — is logged with timestamps, actor context, and the specific operations performed. Audit logs are immutable and exportable.

Principle of least privilege

Core Principle

StackAgent requests only the minimum permissions needed for each operation. GitHub tokens are scoped to specific repositories. Cloud provider access is read-only unless explicitly granted for deployment.