Security posture · Updated July 2026

Security

Vivari runs AI agents against real codebases, so its security model is the product, not a page. The design is local-first: your code stays on your machines, every agent is scoped to its role, and everything it does lands on a record you can export. Here is the honest state of it, today.

Local-first architecture

Agents run and Vivari Guard indexes and analyzes your repositories on your own infrastructure. Guard's change-safety analysis — change-coupling from your git history, the risk score, the PASS/WARN/BLOCK gate — completes with no network call. Your source is not uploaded to us to be reviewed.

Scoped, per-agent permissions

Every agent runs under a permission profile matched to its role — least privilege by default. A reviewer that cannot write; a writer that cannot deploy. Risky tool calls hit an explicit gate you answer in one tap: run once, add to an allowlist, or reject. Nothing holds the production keys because it happens to be running.

Deterministic review

Guard is deterministic: the same diff always produces the same score, and every finding is traceable to named commits and measurable signals. No LLM makes the safety call, which means no model's blind spots are in the loop and no review decision is unreproducible when someone asks how it was made.

Full audit trail, exportable

Every tool call, message, decision, and permission grant is captured on a timestamped, replayable audit trail — exportable to your SIEM. When an agent does something you need to account for, the trail turns "we think it did X" into exactly what it did, and when.

Private repositories

Vivari points your existing agents at your existing repositories. It does not require you to push code to a third-party host, mirror it to us, or make anything public to be managed.

No training on your code

We do not train models on customer code, prompts, transcripts, or repository contents. Vivari runs the agent harnesses you already trust (Claude Code, Codex, Cursor); their own providers' data terms apply to those sessions, and we add nothing that repurposes your work.

What we do not claim

Vivari is pre-launch and holds no formal security certifications today — no SOC 2, no ISO 27001. We would rather state that plainly than imply an audit we have not completed. Formal audits are on the roadmap as the product and team grow; if a certification is a hard requirement for you, tell us where you stand and we will be straight about timing.

Frequently asked questions

Does my code leave my machines?
No. Local-first: agents run and Guard analyzes on your own infrastructure, with no network call for the analysis itself.
Do you train on my code or data?
No. We do not train models on customer code, prompts, transcripts, or repository contents.
Are you SOC 2 certified?
Not yet — see above. We hold no formal certifications today and will not imply otherwise.
How do you limit what an agent can do?
Per-agent permission profiles scoped to the role, plus an explicit gate on every risky tool call.
Can I get an audit trail for compliance?
Yes — a complete, timestamped, replayable trail with SIEM export, and deterministic Guard verdicts.

Security questions: hello@vivari.ai. Real answers from the people building it — not a portal.

Request early accessHow Guard reviews changes →