Security is the architecture, not a feature
Every design decision in CitrusGlaze starts with the threat model. 17 Rust crates, 560+ tests, and a 9-stage inspection pipeline. The scanner is open source — audit the detection patterns yourself.
Threat model
Each threat maps to implementing code. Click the defense to view the source.
| ID | Threat | Defense |
|---|---|---|
| T1 | Data Exfiltration | citrusglaze-secrets + honey tokens |
| T2 | Supply Chain | destination allowlist + Sigstore attestation |
| T3 | Destructive Ops | Cedar policies + injection detection |
| T4 | Lateral Movement | destination allowlist + metadata endpoint deny |
| T7 | Denial of Service | Rate limiting + cost caps |
| T8 | Loop Attack | loop_detection.rs — 5 in 60s threshold |
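The T8 defense above is described only as a "5 in 60s threshold". The following is an added illustration of that kind of sliding-window detector, written for this page; it is not CitrusGlaze's loop_detection.rs. It assumes a call is fingerprinted as tool name plus arguments and that time is supplied as integer seconds.

```rust
use std::collections::{HashMap, VecDeque};

/// Threshold and window as stated on the page: 5 identical calls in 60 s.
pub const LOOP_THRESHOLD: usize = 5;
pub const LOOP_WINDOW_SECS: u64 = 60;

/// Hypothetical detector: counts identical tool calls inside a sliding window.
pub struct LoopDetector {
    threshold: usize,
    window_secs: u64,
    /// fingerprint -> timestamps (seconds) of recent occurrences, oldest first
    seen: HashMap<String, VecDeque<u64>>,
}

impl LoopDetector {
    pub fn new(threshold: usize, window_secs: u64) -> Self {
        Self { threshold, window_secs, seen: HashMap::new() }
    }

    /// Record a call at `now_secs`. Returns true when this fingerprint has now
    /// been seen `threshold` or more times strictly within the window.
    pub fn observe(&mut self, fingerprint: &str, now_secs: u64) -> bool {
        let hits = self.seen.entry(fingerprint.to_string()).or_default();
        // Evict occurrences that are at least `window_secs` old.
        while let Some(&oldest) = hits.front() {
            if now_secs.saturating_sub(oldest) >= self.window_secs {
                hits.pop_front();
            } else {
                break;
            }
        }
        hits.push_back(now_secs);
        hits.len() >= self.threshold
    }
}

/// Assumed fingerprint: only calls with the same tool AND arguments count.
pub fn fingerprint(tool: &str, args: &str) -> String {
    format!("{tool}:{args}")
}

/// Replay a trace of (tool, args, time_secs) and return the indices of the
/// calls at which the detector fired.
pub fn flagged_calls(trace: &[(&str, &str, u64)]) -> Vec<usize> {
    let mut det = LoopDetector::new(LOOP_THRESHOLD, LOOP_WINDOW_SECS);
    let mut flagged = Vec::new();
    for (i, (tool, args, ts)) in trace.iter().enumerate() {
        if det.observe(&fingerprint(tool, args), *ts) {
            flagged.push(i);
        }
    }
    flagged
}
```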
Testing
Tests across 17 crates
Unit tests, integration tests, and end-to-end tests covering the full inspection pipeline.
Adversarial bypass tests
Base64 encoding, URL encoding, hex encoding, ROT13, Unicode confusable characters — all tested.
AI tool compatibility
End-to-end compatibility tests for Claude Code, Cursor, Copilot, ChatGPT, and more.
Continuous integration
GitHub Actions CI runs on every commit across macOS and Linux. Clippy warnings treated as errors.
Transparency
Scanner is MIT licensed
Audit the scanner's 349+ detection patterns. No obfuscation, no hidden calls.
100% local processing
No telemetry, no phone-home, no cloud processing. Verify in the source.
SQLite local storage
All data stored locally in SQLite. You control your data completely.
Full source on GitHub
What we don't have (yet)
We believe transparency builds trust. Here's where we are today.
No SOC 2 Type II certification
On our roadmap. Our open-source code is available for your security team to audit directly.
No FedRAMP authorization
Not applicable to our current deployment model (100% local, no cloud component).
No 24/7 support team
Founder-direct support with response within 24 hours. We're a small team that built the product.
No SLA guarantees
We're early-stage. Our uptime record is excellent but we don't offer contractual SLAs yet.
We're early-stage and transparent about it. Our code is the proof.
Responsible disclosure
Found a security issue? We take vulnerability reports seriously. Please contact us directly.
[email protected]
Ready to evaluate CitrusGlaze?
Start with the free scanner, or talk to us about your security requirements.