Security
How alice protects your data — encryption, RLS, audit logs, and data retention policies
Security is a first-class concern in alice. Your data sources contain sensitive business information -- revenue, customer details, payment records -- and alice is designed to protect that data at every layer.
Credential Encryption
All source credentials (API keys, OAuth tokens, database connection strings) are encrypted at rest using AES-256 encryption. The encryption key is stored as an environment variable separate from the database, following industry best practices for key management.
What This Means in Practice
| Protection | Detail |
|---|---|
| Encryption algorithm | AES-256-GCM (authenticated encryption) |
| Key storage | Environment variable, never in the database |
| At rest | All credentials encrypted in the database |
| In transit | All connections use TLS/HTTPS |
| In the dashboard | Credentials are never displayed -- source config shows connection status only |
| In logs | Credentials are never logged, even in debug mode |
| In skill results | Source credentials are never included in query results |
Credential Lifecycle
- Connection -- When you connect a source, the OAuth token or API key is encrypted immediately before storage
- Query execution -- When a skill runs, credentials are decrypted in memory, used for the query, and discarded
- Disconnection -- When you disconnect a source, the encrypted credentials are deleted from the database permanently
Credentials are never cached, never written to temporary files, and never passed to client-side code.
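The storage pattern described above (AES-256-GCM, key read from an environment variable), as an added Node.js example that is not alice's own code. The variable name CRED_KEY_B64, the iv|tag|ciphertext layout and the use of the source id as associated data are assumptions of this example.

```javascript
const crypto = require('node:crypto');

// Assumption: the key is 32 random bytes, base64-encoded in an environment
// variable. CRED_KEY_B64 is a hypothetical name; the page does not give one.
function loadKey(env = process.env) {
  const key = Buffer.from(env.CRED_KEY_B64 || '', 'base64');
  if (key.length !== 32) throw new Error('CRED_KEY_B64 must decode to 32 bytes');
  return key;
}

// Encrypt one credential. The source id is bound as associated data (AAD), so
// a ciphertext copied onto another source's row fails authentication.
function encryptCredential(key, sourceId, plaintext) {
  const iv = crypto.randomBytes(12); // fresh 96-bit nonce for every encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(sourceId, 'utf8'));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag(); // 16-byte GCM authentication tag
  return Buffer.concat([iv, tag, ct]).toString('base64'); // value stored in the DB
}

// Decrypt in memory. Throws if the key, the source id or any stored byte
// differs from what was used at encryption time.
function decryptCredential(key, sourceId, stored) {
  const buf = Buffer.from(stored, 'base64');
  if (buf.length < 28) throw new Error('ciphertext too short');
  const iv = buf.subarray(0, 12);
  const tag = buf.subarray(12, 28);
  const ct = buf.subarray(28);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv, { authTagLength: 16 });
  decipher.setAAD(Buffer.from(sourceId, 'utf8'));
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}
```

A decryption error here means the stored value, the key or the row binding changed, so it should be surfaced as an integrity failure rather than retried.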
Read-Only Queries
All skill queries execute in read-only mode. alice cannot modify data in your connected sources under any circumstances.
Supabase Queries
SQL queries submitted through the skill builder are validated before execution:
- INSERT, UPDATE, DELETE, DROP, ALTER, TRUNCATE, and other data-modifying statements are rejected
- Only SELECT queries are allowed
- The read_only flag is enforced at the query execution layer, so even if a query somehow bypassed validation, the database connection itself prevents writes
- Your database's existing Row Level Security policies are respected
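The two layers described above, as an added example that is not alice's validator: a fail-closed SELECT-only check, followed by a read-only transaction wrapper. The extra keywords in the deny list, the rejection of backslash and dollar quoting, and the use of a Postgres BEGIN TRANSACTION READ ONLY as the execution-layer control are assumptions of this example.

```javascript
// Verbs the page lists as rejected, plus other Postgres write/DDL keywords
// (the extra entries are this example's assumption).
const FORBIDDEN = ['INSERT', 'UPDATE', 'DELETE', 'DROP', 'ALTER', 'TRUNCATE',
  'CREATE', 'GRANT', 'REVOKE', 'MERGE', 'COPY', 'CALL', 'INTO'];
const FORBIDDEN_RE = new RegExp(`\\b(${FORBIDDEN.join('|')})\\b`, 'i');

// One left-to-right pass over string literals, quoted identifiers and
// comments, so a "--" inside a string cannot hide the rest of the line.
const MASK = /'(?:[^']|'')*'|"(?:[^"]|"")*"|--[^\n]*|\/\*[\s\S]*?\*\//g;

function validateReadOnly(sql) {
  // E'..' escapes and $$..$$ quoting are not modelled: fail closed on them.
  if (/[\\$]/.test(sql)) return { ok: false, reason: 'unsupported quoting' };
  const masked = sql.replace(MASK, ' ').trim().replace(/;$/, '');
  if (/['"]/.test(masked)) return { ok: false, reason: 'unterminated quote' };
  if (masked.includes(';')) return { ok: false, reason: 'multiple statements' };
  if (!/^(SELECT|WITH)\b/i.test(masked)) return { ok: false, reason: 'not a SELECT' };
  const hit = masked.match(FORBIDDEN_RE);
  if (hit) return { ok: false, reason: `forbidden keyword ${hit[1].toUpperCase()}` };
  return { ok: true, reason: null };
}

// Second layer (assumed mechanism): run the accepted query inside a Postgres
// read-only transaction, so a validator miss still cannot write.
function readOnlyBatch(sql) {
  const verdict = validateReadOnly(sql);
  if (!verdict.ok) throw new Error(`rejected: ${verdict.reason}`);
  return ['BEGIN TRANSACTION READ ONLY', sql, 'ROLLBACK'];
}

// Constructed sample queries, not taken from the page.
const SAMPLES = [
  "SELECT id, email FROM customers WHERE note = 'please DELETE me';",
  'SELECT last_update FROM subscriptions -- UPDATE is only in a comment',
  "SELECT 'a--b'; DROP TABLE customers",
  'WITH gone AS (DELETE FROM customers RETURNING *) SELECT * FROM gone',
  'SELECT * INTO copy_of_customers FROM customers',
  'UPDATE customers SET plan = 1',
];
for (const q of SAMPLES) console.log(validateReadOnly(q), q);
```

A keyword filter cannot see side effects inside functions called from a SELECT, which is why the read-only transaction and a database role limited to SELECT grants carry the actual guarantee.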
Stripe Queries
Stripe skills use pre-built metric blocks that only call read endpoints of the Stripe API:
- Customer data: GET /v1/customers
- Subscription data: GET /v1/subscriptions
- Payment data: GET /v1/charges, GET /v1/payment_intents
- Revenue data: GET /v1/balance_transactions
alice never calls Stripe endpoints that modify data. The only exception is the Tag in Stripe action, which writes a metadata key-value pair to a customer record -- and this is an explicit, user-initiated action, not part of a query.
Row Level Security
When alice queries your Supabase database, it respects your existing RLS policies. alice does not use a service role key that bypasses RLS -- it connects using the credentials you provide during source setup.
This means:
- If your RLS policies restrict which rows a user can see, alice sees the same restricted data
- If a table has no RLS policies enabled, alice can read all rows (same as any direct database connection)
- alice never elevates permissions beyond what the provided credentials allow
If you want to restrict what alice can access, configure your Supabase RLS policies accordingly, or create a dedicated database role with limited permissions for alice's connection.
Audit Logs
Every skill execution and action is logged with a comprehensive audit trail. View logs at Dashboard > Logs.
What Is Logged
Each log entry includes:
| Field | Description | Example |
|---|---|---|
| Who | The Slack user who ran the skill or action | @sarah |
| What | The skill name or action type | churn-risk, stripe_tag |
| When | Timestamp of execution | 2026-02-04 09:15:23 UTC |
| Parameters | The parameters passed to the skill | {"days": 30, "limit": 10} |
| Result | The query result (truncated for large results) | 3 customers returned |
| Duration | How long the execution took | 342ms |
| Status | Whether it succeeded or failed | Success, Error |
| Source | Which data source(s) were queried | Stripe + Supabase |
| Response type | Ephemeral or in-channel | Ephemeral |
Filtering Logs
The logs page supports filtering by:
- Skill name -- See executions for a specific skill
- User -- See what a specific team member has run
- Date range -- Narrow to a specific time period
- Status -- Filter by success or failure
- Source -- Filter by data source
Log Access
All workspace members can view audit logs. This transparency ensures everyone on the team can see what queries are being run against shared data sources.
Data Retention
Execution logs (skill runs and action runs) are automatically deleted based on your plan:
| Plan | Retention Period | Cleanup Frequency |
|---|---|---|
| Free | 7 days | Daily |
| Pro | 30 days | Daily |
| Business | 90 days | Daily |
A daily automated cleanup process runs at midnight UTC. It deletes all skill runs and action runs older than the plan's retention period. This process also cleans up expired team invites.
What Retention Affects
- Skill run logs -- The execution history visible in Dashboard > Logs
- Action run logs -- Records of button clicks and their outcomes
- Result data -- The actual query results stored in the log entry
What Retention Does Not Affect
- Skill definitions -- Your skills, their queries, and configurations are never deleted by retention cleanup
- Source connections -- Source configurations persist indefinitely
- Workspace settings -- Configuration is not subject to retention
Exporting Data Before Expiration
Business: The workspace owner can export all organization data (skills, logs, sources metadata) via the GDPR data export endpoint. This is rate-limited to 2 exports per hour to prevent abuse. Go to Dashboard > Settings > Security and click Export data to download a JSON file containing all your workspace data.
Revoking Source Access
You can disconnect any source at any time to immediately revoke alice's access to that data:
- Go to Dashboard > Sources
- Find the source you want to disconnect
- Click Disconnect
- Confirm the disconnection
What Happens When You Disconnect
| Effect | Detail |
|---|---|
| Credentials deleted | Encrypted credentials are permanently removed from the database |
| Skills affected | Skills that query the disconnected source become inactive and will return errors if run |
| Scheduled reports | Reports using the disconnected source are automatically paused |
| Monitors | Monitors using the disconnected source are automatically paused |
| Historical logs | Existing skill run logs are preserved (subject to retention) |
| Source data | No data in the external source is modified -- alice only queries, never writes |
Disconnection is immediate. There is no grace period or confirmation delay.
Reconnecting
To restore access, go through the source connection flow again. Skills, scheduled reports, and monitors that were paused will need to be reactivated manually.
Network Security
| Protection | Detail |
|---|---|
| Transport | All API calls use HTTPS/TLS 1.2+ |
| Hosting | Deployed on Vercel with automatic DDoS protection |
| Database | Supabase with encrypted connections and isolated tenancy |
| Webhook verification | All inbound webhooks (Slack, Polar) are signature-verified |
| CORS | Restricted to alice's own domains |
| Rate limiting | All endpoints are rate-limited to prevent abuse |
Next Steps
- Members & Roles -- Access control and role management
- Plans Reference -- Retention periods by plan
- Limits & Rate Limits -- Endpoint rate limits
- Connect Stripe -- Source connection security
- Connect Supabase -- RLS and database security
- FAQ -- Common security questions