Security & Privacy

Private agents, built for messaging.

ShellBot gives each customer a dedicated agent environment, with scoped permissions, encrypted access, and approval before any sensitive action. Use it from WhatsApp, Telegram, or Signal without putting your data in a shared assistant.

Dedicated environment

Each customer gets an isolated agent machine, not a shared assistant pool.

Encrypted access

Keys and credentials stay protected with scoped access and encrypted storage.

Human approval

Sensitive actions require explicit confirmation before the agent proceeds.

You Stay In Control

Your agent plays by your rules.

Your agent asks before acting, logs what it does, and can be stopped instantly. You stay in charge even when the request starts from a messaging app.

Confirmation before action

Your agent asks before sending emails, deleting files, or modifying data. Nothing destructive happens without your explicit approval.

Spending protection

Automatic limits prevent runaway costs. If something loops, we catch it before it drains your credits.

Jailbreak & injection defense

Prompt injection defenses detect and block known attack patterns. Multiple layers of protection help keep your agent's safety rules intact.

Scoped permissions

Your agent only accesses what you allow. Email read doesn't mean email send. Calendar view doesn't mean calendar edit.

Full action audit trail

Actions your agent takes are logged and reviewable from the dashboard. Track what happened and when.

Instant kill switch

One click to pause or stop your agent immediately. If anything looks off, you're always one tap away from full control.

How It Works

4 Layers of Protection

Four barriers between the internet and your private data.

Your Login

Two-factor authentication: password + phone

Encrypted Connection

All traffic encrypted to the same standard as online banking

Private Network

Your machine is hidden behind a firewall. No public access

Your Own Machine

A dedicated computer just for you. No one else's data touches it

How We Protect You

What We Do To Keep You Safe

Every part of ShellBot is designed to protect your data and your privacy.

Your Account Is Locked Down

Two-factor login means nobody gets in without your password and your phone.

  • Sessions expire automatically. No stale logins
  • You control exactly who can access your agent
  • Password + authenticator app required

Your Keys Are Encrypted

The keys that connect to your machine are encrypted and never visible to anyone, not even our team.

  • Private keys never visible to anyone, including us
  • Each operation uses unique encryption
  • Keys only decrypted when actively needed, then discarded

Your Machine Is Hidden

Your agent runs behind a firewall on a private network. There's no way to reach it directly from the internet.

  • All direct connections blocked by default
  • Access only through our secure proxy. No back doors
  • Encryption certificates renewed automatically

Your Agent Is Contained

Your AI agent runs in an isolated container. It can't affect other systems, and every plugin is scanned for safety.

  • Agent runs in its own isolated environment
  • Only verified plugins. No untrusted code
  • Security checks run after every major action
  • One-click stop from your dashboard

Where The AI Brain Runs

The AI model itself runs at the model provider — same infrastructure that powers ChatGPT or Claude. Your conversations are processed there. Your files, agent configuration, and operational logs stay on your private server.

  • The language model runs at the model provider, like any AI app today
  • Your sessions aren't pooled with other ShellBot users
  • Files, configs, and operational logs stay on your private server
  • Need stricter control? Talk to us about bring-your-own-key options

Your App Credentials Are Separate

When you connect Gmail, Slack, or Calendar, those credentials are encrypted and stored separately from your agent's machine — never on the server that runs your agent.

  • Your app credentials are encrypted and isolated per user
  • AI model keys are per-user, not shared
  • Bring your own API keys if you prefer
  • Gmail, Slack, GitHub passwords never stored on the agent's machine
Compliance & Standards

Working Toward Industry Standards

SOC

SOC 2

Controls mapped to Security & Availability criteria. Not yet certified.

GDPR

GDPR

Data encryption, access controls, minimal collection. EU data centers.

PCI

PCI DSS

Stripe handles all card data. ShellBot does not process card numbers.

ISO

ISO 27001

Security controls informed by ISO 27001 framework. Not yet certified.

OpenClaw & VirusTotal

Every Plugin Is Scanned for Malware

Your ShellBot only runs verified plugins. Every extension is automatically scanned before it reaches your machine.

OpenClaw

VirusTotal Sentinel

OpenClaw partners with VirusTotal (the world's leading threat intelligence platform) to scan every plugin. Each one is analyzed by multiple security engines and AI-powered code analysis before it's available to install.

Read about the OpenClaw & VirusTotal partnership
  • Automated multi-engine scanning via VirusTotal on every plugin update
  • AI-powered Code Insight analysis detects suspicious patterns, data exfiltration, and coercive instructions
  • Malicious plugins are blocked instantly. Suspicious ones are flagged with warnings
  • Daily re-scans ensure previously clean plugins remain safe over time
  • Your ShellBot ships with only certified, verified extensions by default
Technical Specifications

Under the Hood

Encryption

At Rest
AES-256-GCM
In Transit
TLS 1.3
Key Algorithm
Ed25519
User Data
Supabase RLS

Infrastructure

Provider
Hetzner Cloud (DE)
Networking
Private VPC
Proxy
Traefik + Auto TLS
Data Centers
GDPR Compliant

Auth & Billing

Auth Provider
Clerk
Auth Methods
Password + TOTP
Sessions
JWT + Auto Rotation
Billing
Stripe Direct
Deploy my Agent

Set Up Your Agent in Minutes

1Sign up
2Authenticate with 2FA
3Choose a plan
4Deploy
ShellBot - An Assistant That Does the Work