Company
Security
How Inserloft approaches security across the Platform and APIs.
Security spans every layer of the Inserloft ecosystem — from how API keys are issued to how Projects and models are stored on Pixel.
Key practices:
- API keys are scoped to an Organization and can be rotated at any time.
- Private Projects and models are only visible to members of the owning Organization or Team.
- Model uploads and Deployments go through the same access controls as any other Project resource.
If you believe you've found a security issue, please report it privately rather than through a public Issue on a Pixel Project.