
The boundary is the product.

How Agentsia is designed so that the customer’s proprietary data stays on the customer’s side of the line.

Security, at Agentsia, is not a list of attestations bolted onto a SaaS product. It is the architecture of the product. Most of the guarantees on this page follow directly from the fork-first deployment model.

Architectural guarantees

Most of what we can tell you about security follows from the deployment model rather than from a policy document.

  • Customer-hosted by default. The Modelsmith iterate loop runs inside your environment. Training data, eval evidence, model weights, and deployment state never leave your boundary.
  • Fork-first repository. You fork an open-by-contract codebase into your organisation. You can audit every line before you run it. You can pin to a commit we have both reviewed.
  • Substrate-agnostic inference. You pick the serving vendor or on-prem target. The deployment artefact is yours to hand to whichever runtime meets your residency and latency constraints.
  • Air-gap-compatible. The training and eval pipeline is designed to operate without outbound connectivity after initial dependency installation. If your hardware does not talk to the internet, neither do we.

The security thesis

The best way to keep data safe is not to have it. Agentsia is designed so that the data we would otherwise have to secure is never on our side of the line.

Website and corporate systems

Encryption

This website is served over TLS 1.2 or better. Internal administrative systems (email, shared drives, code hosting) use provider-managed encryption at rest. We require two-factor authentication on every identity that can access customer or corporate information.

Access control

Access to customer-shared material is granted on the principle of least privilege and reviewed quarterly. Access leaves with the person: when a team member offboards, their access is revoked the same day.

Endpoints

Team devices run modern operating systems with automatic security updates, full-disk encryption, and managed configuration. Unmanaged devices may not access customer material.

Dependencies and supply chain

The Modelsmith repository uses dependency lockfiles, Dependabot security updates, and a gitleaks secret-scanning CI check on every pull request. We disclose and track known CVEs that affect the codebase; critical issues trigger an out-of-band release within the same business day.
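As an illustration of the kind of pull-request check described above, the workflow below runs gitleaks against every commit in a pull request. It is an added example, not the Modelsmith repository's own CI configuration: it assumes GitHub Actions as the CI system (the page mentions Dependabot but does not name the CI provider), the public `gitleaks/gitleaks-action` action, and a workflow file path of `.github/workflows/secret-scan.yml`.

```yaml
# .github/workflows/secret-scan.yml  (assumed path; example only, not Modelsmith's own workflow)
name: secret-scan

on:
  pull_request:          # run on every PR, as the policy above describes
  push:
    branches: [main]     # also catch anything that lands on the default branch

permissions:
  contents: read         # least privilege: the job only needs to read the repo
  pull-requests: read

jobs:
  gitleaks:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # fetch-depth 0 pulls full history so gitleaks can scan every commit
          # in the PR, not just the merge commit; a shallow clone would miss a
          # secret that was added and then removed within the same PR.
          fetch-depth: 0

      - name: Scan for committed secrets
        uses: gitleaks/gitleaks-action@v2
        env:
          # GITHUB_TOKEN is provided by Actions; the action uses it to annotate the PR.
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```

To make the check binding rather than advisory, the `secret-scan / gitleaks` job should be listed as a required status check in the branch protection rule for `main`; without that, a failing scan is visible on the pull request but does not block the merge.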

Customer engagements

Data-processing agreement

Where we process personal data on your behalf, we enter into a data-processing agreement (DPA) on request. Our default template follows UK GDPR Article 28 and the EU SCCs where international transfers are involved. We accept reasonable customer redlines.

Material shared during an engagement

During an engagement we may review material you choose to share (architecture documents, redacted eval extracts, workflow descriptions). We log what we receive, keep it inside an encrypted and access-controlled workspace, and delete it on request or at the end of the engagement, whichever is sooner.

Incident response

If we become aware of a security incident affecting material you have shared with us, we will notify your named security contact within twenty-four hours of confirming the incident, describe its scope, and agree a joint response. We will not delay notification to complete our own investigation.

Responsible disclosure

If you find a vulnerability in our website or in the Modelsmith platform, please email security@agentsia.ai with steps to reproduce and any supporting material. We commit to:

  • Acknowledging your report within two working days.
  • Providing a substantive response, with a remediation plan or decision, within fourteen working days.
  • Crediting you publicly if you wish, once the issue is resolved.

We do not take legal action against good-faith security research and we do not require NDAs as a precondition for disclosure.

Future attestations

As we grow, we expect to pursue SOC 2 Type II and ISO 27001 certifications, in that order. We will publish the scope and the audit period here when we start each process, and will not use the language of those frameworks before they apply. What we publish today is what we do today.

If your security team would like to walk the codebase with us, we welcome that. Fork the repository and book a review. The surface is small on purpose.