Security & Access Boundaries

Policy version: 1.0
Last updated: 2025-01-06

1) Shared-folder-only enforcement

DeviceLink enforces a strict access boundary: all file operations are scoped to folders explicitly shared by the user. Paths must be relative to a shared folder root.
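
The following is an added illustration of the kind of check this section describes. It is not DeviceLink's own code: the names resolve_in_share and BoundaryError, and the sample folder tree, are assumptions made for this example.

```python
import os
import tempfile
from pathlib import Path, PurePosixPath


class BoundaryError(Exception):
    """Raised when a requested path would leave the shared folder."""


def resolve_in_share(share_root: str, requested: str) -> Path:
    """Map a client-supplied relative path to a real path inside share_root."""
    if "\x00" in requested:
        raise BoundaryError("NUL byte in path")
    # Treat backslashes as separators so Windows-style input gets the same checks.
    rel = PurePosixPath(requested.replace("\\", "/"))
    # A colon in the first segment is treated as a drive prefix (conservative).
    if rel.is_absolute() or (rel.parts and ":" in rel.parts[0]):
        raise BoundaryError("path must be relative to the shared folder root")
    if ".." in rel.parts:
        raise BoundaryError("parent-directory segments are not allowed")
    root = Path(share_root).resolve(strict=True)
    # resolve() follows symlinks, so a link inside the share that points
    # elsewhere is caught by the containment check below.
    candidate = (root / Path(*rel.parts)).resolve()
    if candidate != root and root not in candidate.parents:
        raise BoundaryError("resolved path is outside the shared folder")
    return candidate


def demo() -> dict:
    """Run constructed sample requests against a constructed temporary tree."""
    samples = ["notes.txt", "sub/../notes.txt", "../private.txt",
               "/abs/path.txt", "C:\\Windows\\win.ini", "link.txt"]
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        share = Path(tmp, "shared")
        share.mkdir()
        (share / "notes.txt").write_text("ok")
        Path(tmp, "private.txt").write_text("not shared")
        os.symlink(Path(tmp, "private.txt"), share / "link.txt")
        for req in samples:
            try:
                resolve_in_share(str(share), req)
                results[req] = "allowed"
            except BoundaryError as exc:
                results[req] = f"denied: {exc}"
    return results
```

A check of this kind is separate from the file operation that follows it, so it holds only if the folder tree cannot change between the check and the open.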

2) Secrets handling

Secrets and private keys are not committed to source control. In production, secrets are provided via secure runtime configuration (e.g., Fly.io Secrets) and are not exposed through public routes.

3) Logging

DeviceLink aims to avoid logging file contents, OAuth tokens, or private key material. Logs are limited to operational metadata and high-level diagnostics.

4) Responsible disclosure

If you believe you have found a security vulnerability, please report it responsibly. Send details to security@devicelink.ai. Please include steps to reproduce and any relevant logs.

We aim to acknowledge reports promptly and work with you on remediation. Please do not publicly disclose vulnerabilities before we have had a reasonable opportunity to investigate and address the issue.