Security

Last updated June 8, 2026

Cue sits between your services, your agents, and your attention, so it holds tokens and decisions that matter. We treat that seriously. This page describes how we protect your data and how to tell us if you find a problem. It is meant to be specific, not reassuring for its own sake.

Encryption in transit

Every connection to Cue — the web app, the API, MCP traffic from your agents, and inbound connector webhooks — runs over TLS. Plain HTTP is redirected to HTTPS. Internal traffic between Cue’s edge, database, and storage stays inside our providers’ networks.

Tokens and credentials

API tokens you create are shown to you once, at creation, and are never stored in readable form afterward — we keep only a one-way hash and compare against it when a token is used, so a copy of our database does not hand anyone your tokens. Connector credentials that must be reused (for example, an API key a connector polls with) are stored encrypted. Session cookies are signed, scoped, and expire on a schedule.
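
The show-once, hash-only token storage described above, as an added example that is not Cue's own code. The token format, the `cue_example` prefix, the choice of SHA-256 and the in-memory table are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed stand-in for a tokens table: token_id -> SHA-256 hex digest.
# Assumption: the real storage layout is not described on this page.
TOKEN_DB = {}

PREFIX = "cue_example"  # hypothetical prefix, not a real token format


def issue_token():
    """Create a token, store only its hash, and return the plaintext once."""
    token_id = secrets.token_hex(4)      # non-secret lookup key
    secret = secrets.token_urlsafe(32)   # 256 bits from the OS CSPRNG
    token = f"{PREFIX}.{token_id}.{secret}"
    # A fast hash is adequate only because the token is long and random;
    # human-chosen passwords would need a slow, salted KDF instead.
    TOKEN_DB[token_id] = hashlib.sha256(token.encode()).hexdigest()
    return token


def verify_token(presented):
    """Hash the presented token and compare it with the stored digest."""
    parts = presented.split(".")
    if len(parts) != 3 or parts[0] != PREFIX:
        return False
    stored = TOKEN_DB.get(parts[1])
    if stored is None:
        return False
    candidate = hashlib.sha256(presented.encode()).hexdigest()
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(candidate, stored)


def revoke_token(token_id):
    """Deleting the digest makes the token unusable immediately."""
    TOKEN_DB.pop(token_id, None)
```

A dump of `TOKEN_DB` yields only identifiers and digests, so the plaintext token exists nowhere except with the user who copied it at creation.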

Least-privilege connectors

A connector exists to feed cues into a stream — nothing more. We request the narrowest scope each upstream service offers for receiving events, and we never reach beyond what is needed to deliver your cues. Removing a connector deletes its stored credential. Keeping connectors distinct from streams is not just naming hygiene; it keeps each integration’s access boundary clear.

Agent requests stay in your hands

When an agent raises a request over MCP, it blocks and waits — Cue never invents or auto-approves a decision on your behalf. Your answer, and the time you gave it, are recorded so there is an honest trail of what was approved or declined, and so the agent can act only on what you actually decided.

Access and isolation

Your data is scoped to your account; every request is authenticated and authorized before it touches a stream, cue, or connector. Internal access to production is limited to the people who need it to operate the service, and we use the least-privilege principle for our own infrastructure too.

Infrastructure

Cue runs on a modern edge platform with managed database and storage, which gives us encryption at rest, network isolation, and a hardened runtime by default. We keep dependencies current and watch for advisories that affect them.

Responsible disclosure

If you find a vulnerability, we want to hear about it before anyone else does. Email security@attentioncue.com with enough detail to reproduce the issue. Please give us a reasonable window to investigate and ship a fix before disclosing publicly, and avoid accessing or altering data that is not yours, running denial-of-service tests, or degrading the experience for other users while you research. Test only against your own account.

We will acknowledge a good-faith report, keep you posted as we work it, and we will not pursue action against researchers who follow this guidance. We are grateful for the people who take the time to do this well.

Related

For what data we hold and how long, see our Privacy Policy. For the rules that govern using the service, see our Terms of Service.