Security & Trust

Verify us. Don't take our word.

Busymate DevTools sees your production traffic, so trust has to be checkable — not claimed. Roles enforced by the database, an append-only audit trail on every surface, and a vault that physically cannot leak a secret.

[Figure: a vertical trust stack threaded by one line: a write-only vault door with an inbound arrow and a blocked outbound arrow, an append-only audit ledger of timestamped rows, a least-privilege role matrix, and at the base a database wrapped in a row-level-security shield. Labels: write-only, audit_log, least privilege, rls.]

The proof stack

Trust you can verify, not just read

The same guarantees that let an AI agent act on real infrastructure: row-level security everywhere, real least-privilege RBAC, an append-only audit trail, and a write-only vault.

Enforced in the database, not the UI

Every table is gated by row-level security, so the same role limits hold identically on the dashboard, REST, WebSockets and MCP. There is no back-door surface where the checks were forgotten.

Least privilege, for real

Seventeen independently gateable sections, each with separate view and edit switches, composed into custom roles. Give a contractor Devices-view without Scripts-edit — precision instead of admin-or-nothing.

Who did what, when — everywhere

An append-only audit trail records every action on every surface, including direct database access. Tail it live, filter it, diff changes, and share a permalink to the exact event in question.

Secrets that can't be read back

The vault stores keys encrypted and write-only. There is no reveal button — not for admins, not for the AI, not for anyone. A secret goes in once and is only ever used, never shown.

AI with guardrails

Agents act only within the caller's role, destructive tools require an explicit confirmation, and every action they take is permanently logged. Autonomy, with a paper trail.

Related: MCP server for AI agents, the AI debugging assistant, partner SSO integration

FAQ

Questions evaluators ask

Is RBAC enforced in the UI or the database?

In the database — every table is row-level-security gated, so the same role limits hold on the dashboard, REST, WebSockets, and MCP alike.

Can an admin read back a stored secret?

No. Secrets are stored write-only in an AEAD-encrypted vault; there is no reveal button for anyone, including admins and AI agents.

Is there an audit trail for AI-agent actions?

Yes — every action an agent takes, including direct database access, is permanently logged in an append-only, cross-surface audit trail with live tail, filters, diffs and shareable permalinks.

Can I give a contractor limited access?

Yes — 17 independently gateable sections each expose separate view/edit switches, composable into custom roles, e.g. Devices-view without Scripts-edit.

Point it at production

Explore the roles, the live audit trail, and the vault in the dashboard — trust you can check, not just read.