Trust
Security at Sendapuffin
The service combines short-lived mission links with user-scoped OAuth tools and an explicit browser confirmation before every connected-provider write.
Controls
- Verified authentication is required to create missions.
- ChatGPT and Claude connect through OAuth 2.1 with PKCE and user consent.
- Capability and approval tokens are randomly generated and stored only as cryptographic hashes.
- Provider credentials are encrypted before storage.
- OAuth client tokens are read-only for mission records.
- Google Calendar writes require a separate short-lived Sendapuffin approval.
- Creators can revoke or permanently delete missions and disconnect providers.
- Mission manifests are not cached or indexed.
- Database row-level security isolates creator dashboards.
- Remote source fetching is restricted to administrator-approved hosts with network and response limits.
What users should do
Treat every mission URL like a temporary password. Share it only with the intended recipient, avoid sensitive data, and revoke it if it reaches the wrong person.
Report a vulnerability
A public security-reporting inbox is being provisioned. Private-beta participants should use the contact channel in their invitation. Please do not access other users’ data or disrupt the service while testing.
