Security

Nexum Systems is designed around local-first automation, explicit approval boundaries, and clear operator control. This page summarizes the security principles behind Nexum workflows.

Local-first by design

Nexum agents are intended to run close to the user's machine and connected accounts. The default architecture favors keeping workflow state, drafts, logs, and sensitive context under customer control.

Human approval boundaries

Agents can classify, draft, summarize, research, monitor, and remind. They should not autonomously send client messages, make clinical decisions, place orders, execute transactions, or represent the user without explicit approval.

Connected accounts

When agents connect to accounts such as email, calendar, messaging, or business tools, access should be scoped to the workflow need and controlled by the user or organization. Credentials and tokens should be handled through appropriate local or platform-specific secure storage.

Operational safeguards

• Use least-privilege access for connected tools.
• Keep audit-friendly logs for scheduled automation.
• Separate draft generation from external submission.
• Review high-risk workflows before production use.

Report a concern

Security questions or vulnerability reports can be sent to aank2007@gmail.com.