TaskFlow trust

Security

TaskFlow is built for controlled multi-project agent operations with project-scoped authorization and durable execution evidence.

Access control

  • - TaskFlow authenticates connector traffic with OAuth or bearer tokens.
  • - Project data is authorized through project membership before connector tools read or mutate records.
  • - Project API keys remain bound to their project unless explicitly configured as internal global keys by the operator.

Agent-work guardrails

  • - Builder runs record durable run state, checkpoints, handoffs, approvals, artifacts, and audit events.
  • - High-trust operations are designed around project pods, workspace-root policy, and explicit approval checks.
  • - MCP tools expose read-only and destructive annotations so compatible hosts can show appropriate risk cues.

Operational controls

  • - Connector tools use timeout and result-size guards before returning responses to hosts.
  • - Raw repo file APIs are restricted to global administrators.
  • - Security issues can be reported to support@emun.io with the affected workspace, project, route, and timestamp.