simpleflo

Security

Simpleflo is designed with a simple assumption: anything you did not write yourself should be treated as untrusted -- especially connector code that can touch your files, network, or credentials.

This page describes the security posture at a high level: what is intended to be safe by default, and what boundaries are explicit.

What "secure by default" means here

Clear boundaries

  • what data is used,
  • where it lives,
  • what can access it.

Secrets stay secret

Credentials should not live in plain-text config or logs. Prefer OS-native secure storage and minimize where secrets can appear.

Private context stays under your control

  • keep processing local when feasible
  • avoid unnecessary duplication
  • make deletion predictable

Third-party code is isolated

If a utility depends on connectors, assume failure and design for containment:

  • separate execution environments
  • constrained permissions
  • explicit network access where possible
  • auditing surfaces (what ran, when, with what access)
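One way to apply these containment points to a connector launched as a child process, as an added example that is not Simpleflo's own code. The `run_connector` function, the `SAFE_ENV` allowlist and the `grants` labels are hypothetical names; network and filesystem confinement need an OS-level sandbox around the child and are only recorded here, not enforced.

```python
import os
import subprocess
import sys
import tempfile
import time

# Assumed allowlist: the only parent environment variables a connector inherits.
SAFE_ENV = ("PATH", "LANG", "SYSTEMROOT")


def run_connector(argv, grants=(), timeout=10):
    """Run untrusted connector code in a child process; return (stdout, audit)."""
    # Constrained permissions: build the environment from an allowlist instead
    # of copying os.environ, so tokens held by the parent are not inherited.
    env = {k: os.environ[k] for k in SAFE_ENV if k in os.environ}
    # Separate execution environment: a throwaway working directory that is
    # deleted when the run ends, so leftovers do not accumulate.
    with tempfile.TemporaryDirectory(prefix="connector-") as workdir:
        env["HOME"] = env["TMPDIR"] = workdir
        started = time.time()
        try:
            proc = subprocess.run(argv, env=env, cwd=workdir, timeout=timeout,
                                  stdin=subprocess.DEVNULL,
                                  capture_output=True, text=True)
            status, out = proc.returncode, proc.stdout
        except subprocess.TimeoutExpired:
            status, out = "timeout", ""
        duration = round(time.time() - started, 3)
    # Auditing surface: what ran, when, and with what access. `grants` is only
    # recorded here; enforcing it needs an OS sandbox around the child.
    audit = {"argv": list(argv), "started": started, "duration_s": duration,
             "env_keys": sorted(env), "grants": list(grants), "status": status}
    return out, audit


if __name__ == "__main__":
    os.environ["API_TOKEN"] = "constructed-secret"  # constructed sample secret
    probe = "import os; print(os.environ.get('API_TOKEN'))"
    out, audit = run_connector([sys.executable, "-c", probe], grants=["net:none"])
    print(out.strip())  # the child does not see the parent's token
    print(audit)
```

The audit record lists environment variable names only, never their values, so it can be logged without exposing secrets.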

What this page is (and is not)

This is a design stance, not a certification or a promise of perfect security. The goal is to make security legible, intentional, and continuously improved -- while keeping safe behavior the path of least resistance.