This documentation covers the security architecture of CoWork OS, an AI-powered task automation platform.
- Security Model - Overview of the security architecture
- Trust Boundaries - Understanding workspace, channel, and network boundaries
- Configuration Guide - How to configure security settings
- Best Practices - Recommended security settings and practices

CoWork OS is designed with security in mind. By default:
- Pairing mode is enabled for all channels - users must enter a pairing code to connect
- Sandboxing isolates command execution using macOS sandbox-exec or Docker
- Tool restrictions prevent sensitive operations in shared contexts (group chats)
- Approval gates require user confirmation for destructive operations

- Defense in Depth - Multiple layers of security controls
- Least Privilege - Tools only have access to what they need
- Deny by Default - Explicit allowlisting for access
- Audit Trail - All messages and actions are logged

- For security questions, see the FAQ section
- To report a security issue, please email security@cowork.dev