Security

Context Layer enforces security properties through its runtime boundary model.

Runtime Boundary Model

Context Layer operates as Execution Authority positioned between application logic and LLM provider invocation. The runtime boundary ensures that admission control, constraint validation, and context construction occur before any provider call.

BYOK Credential Control

Provider credentials remain under developer control. Context Layer does not persist, store, or log provider API keys. Credentials are passed per execution and not retained by the runtime.

Provider Key Handling

Provider keys are not persisted. Provider keys are not logged. Keys are used only for the duration of the provider invocation within a single execution.

Authority Enforcement

Constraints are validated and enforced prior to model invocation. Execution mode validation and session lifecycle enforcement occur before provider calls. Provider safety validation is applied prior to invocation.

Execution Trace Integrity

Authority reports (Flow mode) contain aggregated execution trace metadata. Trace data is used for runtime reporting and is not exposed to third parties beyond the project scope.

Session Isolation

Sessions are isolated per project and per execution mode. Cross-project state access is not permitted. Project boundaries are enforced prior to execution.