Security
The agent asks first on anything that matters.
Limitless runs on a managed infrastructure model where security is our responsibility, not yours. Sensitive actions stop at an approval gate you control.
Approval gates
A hard stop before consequences.
The agent plans and acts freely on read-only work. The moment a step would spend money, send a message, delete data, or reach outside its working directory, it pauses and waits for you. Per-site allow and deny lists narrow this further.
Your device holds the secrets. The cloud only reasons.
What stays on your device
Browser session data, cookies, local logins, downloaded files, and anything you mark private in memory. These never leave your machine.
What we process in the cloud
Task instructions, the page snapshots and DOM excerpts the agent needs to reason, and its planning steps. Retention windows are configurable.
At the page level
Credentials and keys
Your keys stay yours.
Credentials live in the OS keychain or platform-equivalent secure storage, and any provider keys you bring are held the same way. The agent fills them at the page level. They are never sent to the cloud in plaintext, so our servers only learn that a login succeeded, not the secret behind it.
Untrusted page content
A web page is data, never a command.
Treated as untrusted
Text on a page is input to reason over, not an instruction to follow. Hidden prompts do not become commands.
Action grounding
Every action must match the task you gave, not something the page asks for. Off-task moves are rejected.
Cross-site isolation
A page on one domain cannot redirect a task aimed at another. Instructions do not leak across sites.
Every action leaves a record.
Full run history
Each task is logged step by step, searchable, and replayable after the fact.
Approval log
What was requested, what you approved or denied, and when, kept alongside the run.
Configurable retention
Set how long logs and cloud data are kept, per your policy, in account settings.
Deletion on request
Ask us to remove your data and we will. Retention windows are yours to shorten.
Compliance posture
We are building toward formal certifications. We do not yet hold SOC 2 or ISO 27001. This section is updated as our posture evolves. A current list of subprocessors is available on request.
Responsible disclosure
Report vulnerabilities to security@limitlessbrowser.ai. We acknowledge reports within 48 hours, provide safe harbor for good-faith research, and publish fixes transparently.
Questions about security? Reach us at security@limitlessbrowser.ai.