Security.

Email rob@strake.dev with details. We prioritize security reports and will respond as quickly as possible.

Strake requests only the access needed to provide deploy-safety signals: workflow metadata, configured lockfiles, incident context, service mappings, and runbook content.

Strake uses managed infrastructure providers including Supabase and Vercel. Data is encrypted in transit, sensitive secrets are stored outside the client, and service-role access is limited to backend paths.