Security

How we keep useScrolls and your data safe.

Skill Scanning

Coming Soon

Every skill is scanned for malicious code before publishing

Encrypted Data

All data encrypted in transit and at rest

Manual Review

Coming Soon

Human review for high-risk or popular skills

Skill Review Process Coming Soon

Every skill goes through our multi-stage review process before being published:

1

Automated Scanning

Static analysis checks for known malware patterns, suspicious code, and potential vulnerabilities.

2

Dependency Check

We verify that any external dependencies are from trusted sources and don't have known vulnerabilities.

3

Human Review

Skills that request elevated permissions or become popular receive manual security review.

4

Continuous Monitoring

Published skills are continuously monitored for issues reported by the community.

Infrastructure Security

TLS Encryption

All connections use TLS 1.3 encryption

Secure Hosting

Hosted on enterprise-grade cloud infrastructure

Reporting Security Issues

We take security seriously. If you discover a vulnerability, please report it responsibly.

Security Contact

Email: security@usescrolls.com

What to Include

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact assessment
  • Any suggested fixes (optional)

We aim to acknowledge reports within 24 hours and provide a fix timeline within 72 hours.

User Security Best Practices

1.

Review before installing - Check the skill's source code, author reputation, and reviews before installing.

2.

Use official sources - Only install skills from useScrolls or trusted private marketplaces.

3.

Check permissions - Understand what tools and access a skill requests before granting permissions.

4.

Keep skills updated - Regularly update installed skills to get security patches.

5.

Report suspicious behavior - If a skill behaves unexpectedly, report it immediately.