Open Source
Proliferate is fully open source under the MIT license. Every line of code that handles your data is publicly auditable. There is no closed-source component in the stack.Sandbox Isolation
Every session runs in its own isolated container. Sandboxes are ephemeral — they are created on demand and destroyed after use.- No shared filesystem between sessions
- Each sandbox gets its own network namespace
- Containers are provisioned with minimal permissions
- Session state is preserved only through explicit snapshots
Sandboxes are fully disposable. When a session ends, its container and all associated runtime state are cleaned up.
Secret Management
Secrets (API keys, tokens, environment variables) are protected throughout their lifecycle:- Encrypted at rest — secrets are encrypted before storage
- Injected at runtime only — secrets are delivered to sandboxes as environment variables when the session starts, not stored on disk
- Never exposed to agents — agents cannot read secret values directly; they are available only as environment variables in the sandbox process
- Never logged — secret values are excluded from all logging pipelines
- Audit trail — access to secrets is tracked
LLM Proxy
Sandboxes never see your real LLM API keys. Instead, the LLM proxy generates per-session virtual keys that are scoped and short-lived.- All LLM traffic is routed through the proxy
- Virtual keys are revoked when sessions end
- Usage is tracked per session for billing and observability
- The proxy supports model routing across multiple providers
Authentication
Proliferate uses better-auth for authentication, supporting:- Email and password — with optional email verification
- GitHub OAuth — sign in with your GitHub account
- Google OAuth — sign in with your Google account