Security

Built to be handed real work.

Last updated 2026-07-01

Floom runs work for you, so control and auditability are the point, not an afterthought. Here is exactly how that works.

Nothing sensitive happens without your sign-off

Any worker that sends an email, posts a message, or takes an action outside your workspace pauses in an approval queue first. You approve, edit, or reject before it runs. Read-only workers run on their own; the moment a loop wants to act on the outside world, it waits for you.

Every run on the record

Every run keeps its full inputs, outputs, and logs. You can audit exactly what a worker did on your behalf, replay it, or download the bundle. There is no hidden state: if it happened, it is on the record.

Scoped, revocable connections

You connect tools (Gmail, Slack, GitHub, HubSpot, and more) via OAuth through Composio. Floom holds the token and uses it only to run the workers you build. Revoke access in the source tool and every worker that depends on it stops immediately.

Secrets are write-only

Credentials you store are referenced by name and are never printed back, echoed in a reply, or shown in logs. The CLI and the agent are built to never surface a secret value, only to use it.

Workers run isolated

Each worker runs in its own sandboxed environment, not in a shared, long-lived process. A worker sees only the connections and context you gave it.

Your data stays yours

We do not sell your data and we do not train shared models on your worker outputs. Your workspace data is visible to your workspace and its members; Floom support looks only when you ask us to debug a run. See Privacy for the full picture.

Pause or delete anytime

Stop, edit, or retire any loop whenever you want. There is no lock-in. Questions about how something works? Reach us at hello@floom.dev.