What an agent is allowed to touch, who signs off before it runs, and where your credentials actually live.
Tool permissions
Every generated agent lists the tools and access it needs in plain language before you download it — file access, network calls, which external services (Slack, Gmail, Google Calendar, GitHub, and so on), and whether it can send data out. There's no wildcard-by-default permission; the publish scanner specifically flags broad-permission grants (unscoped network access, external API access without listed targets) as a risk category.
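As an added illustration (not Agentlas code), the sketch below lints a manifest for the two broad-permission patterns named above: network access with no scope and external API access without listed targets. The manifest schema (`tools`, `network.allow_hosts`, `external_apis[].targets`), the finding names, and the treatment of wildcard hosts as broad are all assumptions, since the real manifest format is not shown on this page.

```python
"""Lint a hypothetical agent manifest for broad-permission grants."""

# Constructed sample. The schema (tools / network / allow_hosts / external_apis /
# targets) is an assumption for illustration, not Agentlas's manifest format.
SAMPLE_MANIFEST = {
    "name": "standup-bot",
    "tools": [
        {"name": "calendar_reader",
         "network": {"allow_hosts": ["www.googleapis.com"]},
         "external_apis": [{"service": "google_calendar", "targets": ["primary"]}]},
        {"name": "web_fetch", "network": {"allow_hosts": []}},
        {"name": "cdn_probe", "network": {"allow_hosts": ["*.example.com"]}},
        {"name": "notifier",
         "network": {"allow_hosts": ["slack.com"]},
         "external_apis": [{"service": "slack"}]},
    ],
}


def lint_permissions(manifest):
    """Return sorted (tool, finding) pairs for grants broader than they need to be."""
    findings = set()
    for tool in manifest.get("tools", []):
        name = tool.get("name", "<unnamed>")
        network = tool.get("network")
        if network is not None:
            hosts = network.get("allow_hosts") or []
            if not hosts:
                # Network requested with no allow-list: the tool can reach any host.
                findings.add((name, "unscoped-network"))
            elif any("*" in host for host in hosts):
                # Assumption: a wildcard entry counts as a broad grant.
                findings.add((name, "wildcard-host"))
        for api in tool.get("external_apis", []):
            if not api.get("targets"):
                # Service is named, but no channel/repo/calendar limits it.
                service = api.get("service", "<unknown>")
                findings.add((name, f"external-api-without-targets:{service}"))
    return sorted(findings)


if __name__ == "__main__":
    for tool, finding in lint_permissions(SAMPLE_MANIFEST):
        print(f"{tool}: {finding}")
```

The same check is useful on third-party packages before import: a tool entry that requests network access but lists no hosts is the one to read first.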
Human approval points
Before publish — you review what the agent or team will do, what it remembers, and what needs human review, with the security label shown next to it.
Before import — the Audit tool flags risky permissions and unsafe patterns in third-party repos or ZIPs before you run them.
Before Desktop setup — local and third-party folder imports carry explicit caution copy distinguishing them from cloud-built, already-scanned agents.
Data handling
API keys and model access
Agentlas does not host or proxy models. You connect the AI account or API key you already pay for; it is not routed through an Agentlas-owned server.
Where keys live
Settings-saved keys in Agentlas Desktop are stored in the OS keychain. Imported .env files and CLI credential files may remain as local files under your control.
Imported source code
When you import a ZIP or public GitHub repo, Agentlas scans it, redacts detected secrets, and retains only the manifest — not your original source.
Published profiles
Public profiles show the agent's structure, purpose, and safety labels — never the runtime secrets or credentials used to operate it.
Common questions
Does Agentlas see my API keys?
Settings-saved keys live in your OS keychain on Desktop, not on an Agentlas server. Agentlas does not proxy your model calls.
What happens if a scan finds something critical?
Publish is blocked entirely until the finding is fixed — there's no override toggle for critical findings.
Can I see exactly what an agent will touch before running it?
Yes. The security label and permission list are shown before download, before publish, and before import of a third-party package.
Permissions, approval, and data handling · Agentlas docs