Security

Security and control model

Transport security

qccard.ai is served over HTTPS. The production deployment is reverse-proxied through Nginx and uses TLS certificates for encrypted browser traffic.

Production operation

Gizzy runs in production mode for this deployment. Live Claude orchestration and connector actions require configured credentials, declared tools, and explicit read/write permission boundaries.

Manifest-gated tools

Each presenter manifest declares the exact tools available to the AI presenter. Built-in UI tools and adapter-routed tools are handled by the orchestrator, and undeclared tools are rejected instead of being executed.

Connector safeguards

Adapter calls include session correlation and idempotency keys. The FNI/IntellaSwitch adapter uses tenant-specific credentials. Webhooks support HMAC signatures when a shared secret is configured.

Enterprise readiness

Enterprise production use should add role-based access control, formal audit-log retention, incident response procedures, and compliance evidence such as SOC 2 or ISO 27001 documentation.