Security at Code Index

Data Encryption

All data is encrypted both in transit and at rest using industry-standard protocols. Communication between your browser and our servers is secured via HTTPS using TLS 1.2 or higher.

Access Controls

We implement strict access controls across our infrastructure and application stack:

• Principle of least privilege enforced for all internal systems
• Role-based access and audit trails for internal usage
• Internal services run in isolated, firewalled environments

Audit Logging

All access and key operations are logged and monitored to ensure visibility and enable rapid response to any suspicious activity.

Penetration Testing

We regularly undergo third-party penetration tests to evaluate the security of our systems and proactively remediate vulnerabilities.

Vulnerability Reporting

Security researchers and users are encouraged to report potential vulnerabilities through our GitHub Security page. We take all reports seriously and aim to respond promptly.

GDPR and Data Privacy

We are committed to user privacy and data protection. Users may request data deletion, and all collected data is handled in accordance with applicable privacy laws, including GDPR.

Agent Activity and Prompt Data

For transparency and accountability, developer agent interactions (such as queries and prompt history) may be logged solely for debugging, performance analysis, and improving user experience.