MatterLynx

Security

MatterLynx uses OAuth, tenant-scoped authorization, encrypted token storage, confirmation gates on higher-risk write tools, append-only audit records, and operator-only administrative controls.

Access and refresh tokens are encrypted at rest. Production secrets belong in managed environment variables, not source control. Privileged content is redacted from operational logs and usage reports.

Security issues should be emailed directly to Julian at julian@joulestudios.com with enough detail to reproduce the issue. We triage suspected token, tenant-isolation, billing, and write-safety issues as high priority incidents.