Security
Security
Security practices, isolation, and data handling
StarSling is built with security as a core principle. Your code and secrets are protected at every layer.
Data Handling
What data we access and retain
Compliance
Certifications and practices
GitHub App Permissions
What permissions we request and why
Security Highlights
- Secrets never touch StarSling - Passed directly from GitHub to runner
- Ephemeral, hardware-isolated sandboxes - Each job runs in its own single-use microVM, destroyed after the run — the same isolation as GitHub-hosted
- Encrypted everywhere - TLS 1.3 for all communications
- Minimal data retention - Logs deleted within 24 hours