Customer-facing security architecture

How Guni fits into a browser-agent stack

This page is built for security reviews and technical buyers. It explains where Guni sits, what data it handles, and how teams can deploy it with stronger controls.

Request flow
1. Agent loads or receives page HTML
2. Guni parses DOM, forms, scripts, and visible/hidden text
3. Detectors score prompt injection, phishing, clickjacking, redirects, and goal mismatch
4. Policy decision returned: ALLOW / CONFIRM / BLOCK
5. Agent proceeds, pauses, or aborts based on policy
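
The agent-side half of steps 4 and 5, as an added example that is not Guni's own code: a gate that maps the three decisions to agent actions and fails closed on anything else. The `scan` callable, the `"decision"` key, and the `approve` callback are hypothetical names, since the page does not show the SDK or API response format.

```python
from enum import Enum
from typing import Callable, Mapping, Optional


class Action(Enum):
    PROCEED = "proceed"
    PAUSE = "pause"
    ABORT = "abort"


# Decision names are the ones listed in step 4; the mapping to agent
# actions follows step 5 (proceed, pause, or abort).
_DECISION_TO_ACTION = {
    "ALLOW": Action.PROCEED,
    "CONFIRM": Action.PAUSE,
    "BLOCK": Action.ABORT,
}


def gate(scan: Callable[[str, str, str], Mapping], html: str, url: str, goal: str,
         approve: Optional[Callable[[Mapping], bool]] = None) -> Action:
    """Return the action the agent must take before acting on this page.

    `scan` is a hypothetical wrapper around the SDK or API call and is
    assumed to return a mapping with a "decision" key. An exception, a
    missing key, or an unrecognised value is treated the same as BLOCK.
    """
    try:
        result = scan(html, url, goal)
        decision = str(result["decision"]).strip().upper()
    except Exception:
        return Action.ABORT  # scanner unreachable or malformed reply: fail closed
    action = _DECISION_TO_ACTION.get(decision, Action.ABORT)
    if action is Action.PAUSE:
        # CONFIRM: with no approver wired in, the agent stays paused.
        if approve is None:
            return Action.PAUSE
        # Only an explicit True from the approver lets the agent continue.
        return Action.PROCEED if approve(result) is True else Action.ABORT
    return action


if __name__ == "__main__":
    # Constructed stand-in for the scanner; not Guni's real response format.
    fake_scan = lambda html, url, goal: {"decision": "CONFIRM"}
    print(gate(fake_scan, "<form></form>", "https://example.test/pay", "pay invoice"))
```
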
Deployment choices
Self-hosted: Run the SDK or API inside the customer environment for tighter control over HTML and logs.
Managed pilot: Use the hosted API for faster evaluation and design-partner rollouts.
Hybrid: Keep sensitive workflows self-hosted while using the hosted dashboard for controlled demos and reporting.
Data handling
Inputs: HTML, page URL, agent goal, and optional API key/session context.
Runtime state: Audit logs, waitlist entries, user records, alerts, and scan history live in the configured runtime data directory.
Control point: Teams can isolate these paths using persistent volumes and explicit environment variables.
Auth and controls
Session-backed portal: The customer portal now requires account session authentication instead of trusting a pasted API key in the browser.
Role gating: Admin-only operations such as full key inventory, rotation, revocation, and audit review are restricted to authenticated admin accounts.
API protection: Production deployments should require `X-API-Key` on the hosted API and a strong `GUNI_SESSION_SECRET`.
Current trust posture
Included today: CI-backed API tests, isolated runtime storage, role-aware portal access, org-scoped audit events, key lifecycle controls, deployment guidance, and customer-facing security documentation.
Still maturing: Formal penetration testing, enterprise SSO, signed audit exports, and deeper tenant isolation.
Recommended rollout: Start with a focused evaluation on high-risk browser workflows, then expand after measuring latency, block rate, and false positives.