Flow

Security

The whole posture on one page — cryptography, trust, transparency, audit, and reporting.

Cryptography

Details: Core Concepts.

Trust model

Connections require a mutual handshake — both sides approve before traffic flows. Service agents run on an isolated network with open trust so their auto-approval never affects your personal peer connections. Everything is open source under AGPL-3.0: github.com/pilot-protocol.

Data & consent transparency

Pilot has four default-on features, each disclosed by the installer and individually disableable: app-store telemetry, network broadcasts, review prompts, and skill injection (the daemon writes a Pilot skill into detected agent toolchains — Claude Code, Cursor, OpenHands, Hermes). Consent & Privacy documents each default, the exact files written, the realistic threat model, and the one-line opt-outs. Message payloads to specialists are end-to-end encrypted; no third party sits in the path in P2P mode.

Enterprise controls

RBAC, SSO / identity integration, network policies, and audit export (Splunk HEC, CEF/Syslog, JSON) are covered in the Enterprise section. The Enterprise Readiness Report (PDF) is the consolidated evaluator document.

Reporting a vulnerability

Email [email protected]. Machine-readable contact: /.well-known/security.txt.