> ## Documentation Index > Fetch the complete documentation index at: https://docs.twill.ai/llms.txt > Use this file to discover all available pages before exploring further. # Security > How Twill protects your code and data Twill is built with enterprise security requirements in mind. Your code and credentials stay protected at every step. ## Code Execution Isolation Agent code runs in isolated cloud dev environments, completely separate from Twill's infrastructure: * **Per-workspace isolation**: Each workspace gets its own dev environment. One workspace's code, repos, and secrets are never reachable from another's. * **Per-task forks**: Every task runs in an isolated fork, so changes made by the agent can't leak into your base environment or into other tasks. * **Resource limits**: CPU, memory, and disk quotas prevent runaway processes. See [Dev Environment](/sandbox-environment) for how the workspace sandbox and task forks fit together. ## Read-Only by Default Twill agents operate with minimal permissions: * **GitHub read-only**: Agents cannot push directly to your repositories * **PR-based workflow**: All changes go through pull requests for human review * **No direct deploys**: Twill never deploys code without your approval ## Data Encryption Your sensitive data is protected at rest and in transit: * **AES-256-GCM encryption**: Environment secrets are encrypted before storage * **HTTPS everywhere**: All API communication uses TLS * **Short-lived tokens**: GitHub access tokens are cached briefly and refreshed automatically ## Webhook Verification All incoming webhooks are cryptographically verified: * **HMAC-SHA256 signatures**: GitHub, Linear, and Slack webhooks use signed payloads * **Timing-safe comparison**: Prevents timing attacks on signature verification * **Replay protection**: Slack webhooks reject requests older than 5 minutes ## Workspace Isolation Multi-tenant architecture ensures strict boundaries: * **Role-based access**: Owner, Admin, and Member roles with appropriate permissions * **Credential scoping**: Each workspace's secrets are isolated from others * **OAuth state validation**: CSRF protection on all authorization flows ## No Model Training Your code and prompts are never used to train AI models. Twill processes your data only to complete tasks you request. ## Best Practices ### Environment Variables * **Use Twill's secret storage**: Add sensitive values through the workspace environment settings rather than committing them to your repository * **Use dev credentials only**: Create separate API keys for developmentā€”never give agents access to production credentials * **Rotate credentials regularly**: Update API keys and tokens periodically * **Scope permissions narrowly**: Give third-party API keys only the permissions they need ### Branch Protection Enable GitHub branch protection on your main branches: * **Require pull request reviews**: Ensure human review before merging agent PRs * **Require status checks**: Block merges until CI passes * **Restrict direct pushes**: Prevent bypassing the PR workflow These settings work with Twill's PR-based workflow to maintain code quality and security. ## Third-Party Services Twill integrates with trusted infrastructure providers: * **Modal / Daytona**: Sandbox execution environments * **GitHub / Linear / Slack**: Issue tracking and communication * **Stripe**: Payment processing (PCI compliant) For detailed privacy information, see our [Privacy Policy](https://twill.ai/privacy).