
trust
Cognition is built around confirm-first capture and scoped keys. Skills require human approval before reaching the team brain. Keys are revocable. Nothing leaves your personal workspace without an explicit action.
Scoped, revocable keys
person- or org-scoped; kill any key anytime
Human-approval gate
no skill reaches the team without a yes
Redacted before save
secrets + PII stripped at capture
Org-bounded by default
no cross-org read without consent
the data boundary
your workspace
Drafts, raw work, and full session context stay local to you. Nothing here is team knowledge yet, and nothing leaves without an explicit action.
the gate
stored in the team brain
dropped at the gate, never stored
Confirm-first capture
No skill reaches the team brain without a human yes. Drafts stay in the author's personal workspace until explicitly promoted. Approvers see the full artifact (trigger, steps, checks, rationale) before confirming.
Scoped, revocable keys
Personal keys (cog_me_*) are person-scoped. Team keys (cog_live_*) are org-scoped and belong in a secrets manager, never in code. A personal key cannot write team-wide approved skills without explicit promotion. All keys are revocable from the dashboard at any time.
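One way to enforce "never in code" in a repository check, as an added example that is not Cognition's own tooling: it flags hardcoded keys by the two prefixes above and masks them in its output. The token body pattern, the skip list and the COGNITION_KEY variable name are assumptions, since the page does not document them.

```python
import re
from pathlib import Path

# Prefixes come from the page; the token body (8+ URL-safe characters) is an
# assumption, since the page does not document the key format.
KEY_RE = re.compile(r"\b(cog_live_|cog_me_)([A-Za-z0-9_-]{8,})")
SCOPE = {"cog_live_": "team (org-scoped)", "cog_me_": "personal (person-scoped)"}
# Hypothetical skip list: directories that never hold reviewed source.
SKIP_DIRS = {".git", "node_modules", ".venv"}


def scan_text(text, source="<memory>"):
    """Return one finding per embedded key, with the key body masked."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in KEY_RE.finditer(line):
            prefix, body = m.group(1), m.group(2)
            findings.append({
                "source": source,
                "line": lineno,
                "scope": SCOPE[prefix],
                # Never echo the secret into CI logs: keep prefix + last 4.
                "masked": f"{prefix}{'*' * (len(body) - 4)}{body[-4:]}",
            })
    return findings


def scan_tree(root):
    """Scan every readable text file under root, skipping SKIP_DIRS."""
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or SKIP_DIRS & set(path.parts):
            continue
        try:
            text = path.read_text(encoding="utf-8")
        except (UnicodeDecodeError, OSError):
            continue  # binary or unreadable file
        findings.extend(scan_text(text, str(path)))
    return findings


# Constructed sample; key values and the COGNITION_KEY name are made up.
SAMPLE = '''import os
API_KEY = "cog_live_EXAMPLEexample1234"   # hardcoded team key: flagged
token = os.environ["COGNITION_KEY"]       # loaded at runtime: not flagged
DEV = "cog_me_EXAMPLE5678"                # hardcoded personal key: flagged
'''

if __name__ == "__main__":
    for f in scan_text(SAMPLE, "sample.py"):
        print(f"{f['source']}:{f['line']}: {f['scope']} key {f['masked']}")
```

A key this check finds in committed history should be revoked from the dashboard, since removing the line does not remove it from earlier commits.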
Team boundaries
Skills, circuits, and decisions are org-bounded. A personal install cannot read another org's team brain. Org admins control who can read, write, and approve skills. Cross-org sharing requires explicit Bridge Cloud federation consent from both sides.
What we store
Approved skill artifacts (trigger, steps, checks, author, timestamps), outcome receipts (which skill, which agent, whether it helped), and agent routing signals for future retrieval improvement. We do not store raw source code, unapproved drafts, secrets, credentials, or communication outside the agent session.
Data and deletion
Personal memory can be deleted at any time from account settings. Team skills can be archived or removed by org admins. Outcome receipts can be cleared on request. Email privacy@cognitionus.com for full data deletion.
MCP transport
Cognition uses Streamable HTTP MCP: no persistent socket and no background process after the session ends. Each call is authenticated with a Bearer token scoped to the requesting user or org. Cognition does not execute code, modify files, or take actions outside returning memory and routing guidance.
report a vulnerability
Email security@cognitionus.com with a description and steps to reproduce. We respond within 48 hours and will keep you informed as we investigate and resolve.