Security & Trust
Advisory-only by design
Lintel is read-only and deterministic. It inspects inputs and returns findings. It does not execute changes, mutate infrastructure, or enforce policy.
Data handling
- No credentials required beyond API keys.
- Inputs are processed in-memory and not persisted by default.
- HTTPS is enforced.
Platform protections
- Cloudflare edge protection in front of the service.
- Rate limiting and quota enforcement per API key.
- Origin hosted on Render with TLS (Cloudflare Full/Strict recommended).
If you believe you’ve found a security issue, contact support@lintelapi.com.