Docs

Security

How we keep your credentials safe, your machine protected, and skills trustworthy.

Core Principles

Credentials stay local

Your API keys for third-party services are stored on your machine and used directly by your agent. They never pass through LarryBrain servers.

Skills run locally

Every skill executes on your machine. LarryBrain serves text files. Your agent decides what to run. We have no remote execution capability.

Fully transparent

All skill files are plain text. You can inspect every line before your agent runs anything. No obfuscated code, no hidden logic.

GitHub-verified authors

Every publisher must connect a GitHub account. Skills are tied to real, accountable identities. No anonymous submissions.

How Credentials Work

Skills that integrate with third-party services (APIs, social platforms, databases) reference credentials as environment variables. Here's the full flow:

1
You set env vars locally
Your API keys for Stripe, Twitter, etc. live as environment variables on your machine.
2
Skill references them
The SKILL.md references these as $ENV_VAR_NAME. Plain references to local variables.
3
Agent uses them directly
Your agent reads the env vars and makes API calls directly to the third-party service.
4
LarryBrain never sees them
At no point do your credentials pass through www.larrybrain.com servers. We serve skill files, not API proxies.

The only credential that touches LarryBrain servers is your LarryBrain API key, used to authenticate skill downloads. This is separate from any credentials used by the skills themselves.

Skill Review Process

Every skill is reviewed before appearing in the marketplace. Two-stage process:

1

Automated security scan

Every submission is scanned automatically before human review:

Destructive commands (rm -rf, format, wipe)
Piped curl to shell (curl | bash)
Prompt injection patterns
Base64 or hex-encoded payloads
Credential access patterns (reading .env, ~/.ssh, keychain)
External data exfiltration (unexpected outbound calls)
2

Human review

A real person reads every skill file, tests the setup instructions, and verifies the skill does what it claims. We check for misleading descriptions, hidden functionality, and anything the automated scan might miss. No skill goes live without human sign-off.

What LarryBrain Never Does

Never executes code
We serve text files. Your agent decides what to execute, locally, under your supervision.
Never has remote access
No backdoor, no callback, no telemetry baked into skills. Skills are static files.
Never proxies your API calls
Skills tell your agent to call third-party APIs directly. No man-in-the-middle.
Never serves obfuscated content
All skill files are plain, readable text. What you download is what runs.

Full Transparency

You are always in control. Before your agent runs any skill:

  • All downloaded files are stored locally. You can inspect them at any time.
  • Skill files are plain text. No compiled code, no binaries, no obfuscation.
  • Your agent operates within its normal permissions. Skills don't elevate access.
  • You can delete any skill at any time by removing its local directory
Publishing Skills