Security

Security for governed agent memory.

SPM treats project memory as sensitive infrastructure: access, provenance, retention, sharing and agent handoffs are designed as first-class controls.

Updated May 18, 2026

Tenant and project boundaries

Organizations are the tenant boundary. Projects are memory workspaces inside that tenant, and API tokens can be narrowed to project-scoped access.

Least-privilege agent access

Agent connector packages issue scoped tokens for recall, temporal state and context-pack operations instead of broad administrative access.

Verifiable context packs

Context packs, trust exports and release-readiness packages include stable hashes so operators can verify what was generated and injected.

Governed sharing

Marketplace and sharing flows preserve source metadata, safety status, entitlement decisions, access logs and revocation state.

Temporal lineage

Original, current, working and historical memory stay separated while preserving actor, source, date, confidence, hash and decision trail.

Operational auditability

Private console actions, trust reports, legal holds, access requests and marketplace events are designed to produce reviewable audit evidence.