Security model

Outloop is designed to let AI agents use approved API access without seeing, copying, logging, or storing raw API keys in chats or project folders.

Core principles

  • Secrets stay local.
  • Agents request actions, not raw keys.
  • Runtime access is explicit.
  • Tenant grants are required.
  • Wrong-client access is blocked by policy.
  • Audit records are redacted.

Local-first by design

Outloop runs locally on your Mac or approved workstation.

Credentials stay in approved local or external secure backends such as macOS Keychain, 1Password, Infisical, Doppler, or future secure backend equivalents.

Outloop is not a vault. Outloop controls runtime access above your existing secure backend.

What Outloop cloud does not receive

Outloop cloud never receives:

  • Raw API keys
  • Authorization headers
  • Bearer tokens
  • .env contents
  • Secret-bearing files
  • Browser-stored secrets
  • Raw local project files
  • Raw API responses
  • Raw local audit logs by default

Runtime access model

When an agent needs to use an approved service, it requests access through Outloop.

Outloop checks:

  • Project identity
  • Tenant identity
  • Service or alias
  • Runtime permission
  • Allowed host or base URL
  • Policy state

Only after access is allowed does the local broker use the credential.

If access is denied, the backend secret should remain untouched.

Audit model

Outloop records decisions and runtime activity without logging the raw secret.

Audit records may include:

  • Timestamp
  • Tenant or project reference
  • Service or alias
  • Decision
  • Runtime mode
  • Denial reason
  • Secret exposed: false

Audit records must not include:

  • Raw API keys
  • Bearer tokens
  • Authorization headers
  • Passwords
  • .env contents
  • Secret-bearing files

Beta status and limitations

Outloop is currently in commercial beta. Do not treat beta software as independently certified security infrastructure. Outloop is designed around local-first secret protection, tenant separation, and redacted audit, but broader compliance certifications are not yet complete.

Responsible use

Outloop is intended only for API credentials, accounts, workspaces, systems, and data that you own, manage, or are legally authorized to access.

Outloop must not be used for unauthorized access, credential theft, credential harvesting, spyware, keylogging, account takeover, spam, abuse, or unlawful activity.

Contact

For security questions or responsible disclosure, contact:

support@outloop.co

Do not include raw API keys, passwords, Bearer tokens, Authorization headers, .env contents, or customer secrets in your report.

Agents keep working. Humans stop pasting keys. Secrets stay local. Tenants stay separated.

Outloop is a product of ARGAMAN X MEDIA LTD.

© 2026 ARGAMAN X MEDIA LTD. All rights reserved.

Outloop is in commercial beta for AI agencies and operators. When paid checkout is activated, payments may be processed by Paddle as merchant of record.