Security Posture

Platform Protection

At Vibeoks, a platform by GloMap Venture Studios, securing your workspace and codebase is our priority. We utilize modern cloud infrastructure and strict access controls to ensure your data is protected from unauthorized access.

HTTPS Encryption
Tokenized Auth
Strict Data Rules

1. Authentication & Identity

Your account is secured using robust token-based authentication. This ensures:

  • Secure session management that isolates your workspace from other users.
  • Encrypted password handling—we never store or see your raw passwords.
  • Secure token validation required for every critical read or write operation to our servers.

2. Repository Isolation & Data Rules

Your repositories are guarded by deeply integrated database security rules. These protocols verify ownership at the server level before any data is processed.

  • Private Workspaces: Code stored in private repositories is structurally inaccessible to unauthenticated users or those without explicit owner permissions.
  • Granular Visibility: You can explicitly mark specific files or folders as "private," preventing them from rendering to the public even if your main repository is shared.

3. Vibefiles Engine & Stealth Modes

Our AI bundling engine, Vibefiles, operates entirely under your control to prevent the accidental exposure of sensitive environment configurations or private logic:

  • Local Filtering: Exclusion rules (like novibe) and deep stealth keywords (like .harfignore) are respected immediately. Files matching these patterns are bypassed before the AI map is ever compiled.
  • On-Demand Processing: The bundling engine only runs when you explicitly click compile. We do not use background scrapers to parse or index your code for external AI training.

4. The Shared Responsibility Model

While we secure the infrastructure boundaries and authentication flow, maintaining a safe repository is a shared responsibility:

  • Never Commit Secrets: Do not upload .env files, raw API keys, production database credentials, or private SSH keys to Vibeoks or any other cloud environment.
  • Maintain Local Backups: Always retain authoritative local copies of critical code using your standard local tools.

5. Vulnerability Reporting

If you discover a vulnerability within the Vibeoks web interface or the Vibefiles engine, please report it to the GloMap Venture Studios team via our Support portal. We appreciate responsible disclosure to help keep the vibecoding community secure.