Coral asks you to hand over API keys, credentials, and agent workflows. We don't take that lightly. Security isn't a feature we bolted on -- it's the architecture we built everything on top of. Here's exactly how we protect you.
These aren't marketing claims. They're engineering decisions baked into every line of Coral's codebase. We publish these so you can hold us accountable.
Every API key, token, and credential is encrypted with AES-256 before it leaves your machine. Coral's servers store ciphertext only. We literally cannot read your secrets -- even if someone compromised our database, they'd get nothing usable.
Coral's servers never see your credentials in plaintext. Encryption and decryption happen locally on your device. Your keys are only ever unencrypted in memory, for the milliseconds an agent needs them, then they're wiped.
Every autonomous action is logged with timestamps, reasoning, and outcome. See exactly what your agents did, when they did it, and why. Complete transparency -- zero surprises.
Every skill and agent template declares exactly what it can access before you install it. File read? Git push? Database query? You see the full permission list and approve each one. No silent escalation.
Every skill is scanned and reviewed before it reaches the marketplace. Automated vulnerability detection plus human review. Malicious or unsafe skills never make it to the catalog.
Your data is yours. Period. Export everything with one click. Delete your account and all associated data is permanently purged from our systems within 24 hours. No data hostage games.
The Coral marketplace isn't a free-for-all. Every skill goes through a rigorous multi-stage review before it's listed. Here's the process, step by step.
Every submitted skill is run through automated static analysis. We scan for known vulnerabilities, suspicious network calls, file system overreach, and credential exfiltration patterns. If the code tries to phone home, access files outside its declared scope, or obfuscate its behavior -- it's flagged immediately.
Skills must declare every resource they access -- files, APIs, network endpoints, environment variables. Our review team verifies the declared permissions match the actual code behavior. If a skill says it only reads files but actually writes to disk, it's rejected.
Every skill is executed in an isolated sandbox environment with monitoring. We watch for unexpected behavior: excessive memory use, attempts to access unscoped resources, network requests to undeclared domains, or any action that exceeds its stated permissions.
A member of Coral's security team manually reads the code. Automated tools catch patterns, but humans catch intent. We look at logic flow, data handling, edge cases, and whether the skill does what it claims to do -- nothing more, nothing less.
Approval isn't the end. Published skills are continuously monitored for user reports, behavioral anomalies, and dependency vulnerabilities. If a previously safe dependency gets compromised upstream, we flag and temporarily disable affected skills within hours.
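The permission-verification and sandbox steps above amount to comparing what a skill declares with what it is observed doing. The sketch below is an added example, not Coral's code: the manifest layout, the event tuples and the `allowed` / `audit_skill` functions are hypothetical, and the manifest and trace are constructed sample data.

```python
import posixpath
from fnmatch import fnmatchcase
from urllib.parse import urlsplit

# Hypothetical manifest: what the skill declares it needs (constructed sample).
MANIFEST = {
    "files": {"read": ["workspace/*"], "write": []},
    "network": ["api.example.com"],
    "env": ["EXAMPLE_API_TOKEN"],
}

# Constructed sandbox trace: (kind, operation, target) tuples.
TRACE = [
    ("file", "read", "workspace/notes.md"),
    ("file", "write", "workspace/out.txt"),          # declared read-only
    ("file", "read", "workspace/../.ssh/id_rsa"),    # escapes the declared scope
    ("net", "connect", "https://api.example.com/v1/items"),
    ("net", "connect", "https://API.EXAMPLE.COM.evil.test/collect"),
    ("env", "read", "EXAMPLE_API_TOKEN"),
    ("env", "read", "AWS_SECRET_ACCESS_KEY"),        # undeclared variable
]

def allowed(event, manifest):
    """Return True only if the observed event is covered by the manifest."""
    kind, op, target = event
    if kind == "file":
        # Normalise first so ".." segments cannot hide behind an allowed prefix.
        path = posixpath.normpath(target)
        if path == ".." or path.startswith(("/", "../")):
            return False
        patterns = manifest["files"].get(op, [])
        return any(fnmatchcase(path, pat) for pat in patterns)
    if kind == "net":
        # Compare the exact lower-cased hostname, never a substring or prefix.
        host = urlsplit(target).hostname or ""
        return host in manifest["network"]
    if kind == "env":
        return target in manifest["env"]
    return False  # unknown event kinds are denied by default

def audit_skill(manifest, trace):
    """Return every observed event that exceeds the declared permissions."""
    return [event for event in trace if not allowed(event, manifest)]

if __name__ == "__main__":
    for violation in audit_skill(MANIFEST, TRACE):
        print("REJECT", violation)
```

Any non-empty result means the skill did something it did not declare, which is the rejection condition the review steps describe.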
Here's exactly what Coral stores, why we store it, and what you can do with it. No fine print. No surprises.
Data retention policy: When you delete your account, all your data -- credentials, memories, logs, everything -- is permanently purged from our systems within 24 hours. No 30-day "we'll keep it just in case" games. Gone means gone.
These guardrails are hard-coded into Coral's core. They can't be disabled by skills, agents, or even account settings. Not even we can override them remotely.
Agents cannot initiate purchases, trigger paid API calls above your set limits, or authorize financial transactions without your explicit, per-action approval.
Agents cannot send emails, messages, or make any outbound communication to humans on your behalf. No exceptions. No "just this once."
Agents cannot share your credentials, memory vault contents, or project data with external services, other users, or any endpoint you haven't explicitly approved.
Agents cannot grant themselves additional access, modify their own permission scopes, or bypass safety checks. Their boundary is set at install time and locked.
In Hands-Free Mode, you can pre-authorize specific workflows (file access, Git operations, deployments). These are scoped, logged, and revocable at any time.
Every action an agent takes -- whether in manual or Hands-Free Mode -- is logged with a timestamp, the action taken, and the agent's reasoning. You can review everything.
We don't ask you to trust our word. We build on industry-standard encryption and security practices that have been battle-tested by the largest companies in the world.
No ambiguity. No legalese. Here's the plain-English breakdown of Coral's access boundaries.
Your encrypted credential vault (ciphertext only -- we can't decrypt it).
Your skill configuration -- which skills you've installed and their settings.
Anonymized usage metrics -- how often features are used, never what you use them for.
Your email address -- for authentication and security alerts only.
Your plaintext API keys or credentials. Ever. They're encrypted before leaving your device.
The content of your memory vault. We store it encrypted. We can't read it.
Your source code, projects, or files. Agents run locally. Your code stays on your machine.
Any data you've deleted. Deleted means permanently purged.
"I built Coral because I was tired of my AI forgetting everything. But when I realized that meant storing people's API keys and agent workflows, I knew security couldn't be an afterthought. We spent more time on the encryption and safety architecture than on any feature. If people don't trust Coral with their credentials, nothing else matters. That's why every security decision is documented here -- not in a legal page nobody reads, but right here, in plain English, for everyone."
We're an open book. If you have questions about how Coral handles your data, our encryption methods, or anything else on this page -- reach out directly. We respond to every message.