Security by architecture, not afterthought.
Lorenz treats security as a design constraint built into every layer — not a checkbox applied at the end.
Security controls
Four integrated controls that protect every operation within Lorenz.
AEGIS Guardian
Lorenz evaluates prompts, commands, and high-risk actions for destructive patterns, prompt injection markers, and unsafe intent before execution.
Data Egress Control
Sensitive routing and OCR policy decide when data can stay local, when it can remain in-country, and when external providers are forbidden.
Controlled Skills And Tools
No blind plugin sprawl. Skills are explicit capabilities that can be allowlisted, scoped, and monitored before touching user data.
Recovery And Evidence
Action Journal, workspace snapshots, undo, heartbeat, and build metadata support detection, response, and accountable rollback.
Threat model
How Lorenz addresses common AI security threats by design.
| Threat | Mitigation |
|---|---|
| Prompt injection | AEGIS screens prompts for injection markers and destructive intent before execution. |
| Data exfiltration | Sensitive routing and OCR policy enforce local-only and in-country data paths. |
| Unauthorized tool execution | Skills require explicit allowlisting, scoping, and human confirmation for high-risk actions. |
| Cross-tenant leakage | JWT tenant claims and strict workspace path validation prevent cross-boundary access. |
| Silent failure | Action Journal, heartbeat, and build metadata ensure incidents are visible and traceable. |
Operator principles
- Security is a design constraint, not a feature flag.
- Every action must be attributable to a user, tenant, and workspace.
- Sensitive data paths default to local-only until policy explicitly allows otherwise.
- Human confirmation is required for destructive or high-risk operations.
- Audit trails are immutable and always-on — they cannot be disabled by tenants.
Security that scales with you
Deploy Lorenz with confidence — every layer is designed for enterprise-grade security.