Overview
ArgentOS gives an AI agent significant power over your system — command execution, file access, web browsing, and network communication. Security is built into every layer to ensure this power is used responsibly.Security Layers
Sandboxing
Control what tools the agent can use and what operations require approval
Authentication
Multiple authentication mechanisms protect different parts of the system
Secret Management
Secure handling of API keys, tokens, and credentials
Threat Model
| Threat | Mitigation |
|---|---|
| Agent executing harmful commands | Sandboxing, tool policies, approval workflows |
| Unauthorized gateway access | Gateway auth tokens, network restrictions |
| API key exposure | Local-only storage, file permissions |
| Memory data leakage | Local SQLite, no external transmission |
| Channel impersonation | User allowlists, channel pairing |
Default Security Posture
Out of the box, ArgentOS ships with:- Sandboxed mode for tool execution
- Gateway auth enabled
- Localhost-only binding (no remote access by default)
- User allowlists empty (allows all, but easy to restrict)
- API keys stored with user-only file permissions
Security Best Practices
- Enable gateway authentication — Always use an auth token
- Use sandboxed mode — Require approval for destructive operations
- Restrict channel access — Set
allowedUserson each channel - Use Tailscale for remote access — Never expose the gateway directly to the internet
- Rotate API keys periodically
- Monitor gateway logs for unusual activity
- Keep ArgentOS updated for security patches
Principle of Least Privilege
Configure each agent with the minimum tools and permissions it needs:| Agent Type | Recommended Mode | Details |
|---|---|---|
| Customer-facing | Locked | No exec, no browser |
| Personal | Sandboxed | Approval for destructive ops |
| Development | Unrestricted | Controlled environment only |