Security & Trust

HackerAI is an AI agent for penetration testing and security work. This page describes the data we process, where agent code runs, and the services we rely on to operate.

Last updated June 24, 2026

Data we process

Depending on how you use HackerAI, the service processes:

  • Prompts and chat messages you send to the agent
  • Files you upload (PDF, CSV, JSON, TXT, Markdown, DOC/DOCX, and PNG/JPEG/WebP/GIF images), including text extracted from them
  • URLs and search queries used when the agent browses or searches the web
  • Terminal commands and their output from agent sandbox sessions
  • Browser screenshots captured inside the agent sandbox
  • Notes and custom instructions you save
  • Account information such as your email address and name
  • Usage analytics and error diagnostics

AI model providers

Chat requests are routed through OpenRouter to the provider behind the model you select, such as Anthropic, Google, DeepSeek, Moonshot AI, or xAI. Your prompt, relevant conversation context, and tool results are sent to that provider to generate a response.

When the agent searches the web or opens a URL, search queries are processed by Perplexity and page content is retrieved through Jina AI. Message content is screened by OpenAI for content moderation.

Each provider processes data under its own terms. Whether data is used for model training varies by provider, so we don't make a blanket guarantee on this point — refer to the policies of the providers listed below.

Execution environments

By default, terminal and browser actions run in an isolated E2B cloud sandbox tied to your account, separate from our application infrastructure. You can delete your sandboxes at any time from Settings → Data controls.

A local execution mode is also available. It runs commands directly on your machine with your user's privileges and no isolation, so we recommend it only on machines dedicated to testing.

Account security

  • Authentication is handled by WorkOS AuthKit; we don't operate our own password database
  • Multi-factor authentication (TOTP) is available in Settings → Security
  • Sessions can be revoked per device or across all devices from Settings → Security

Billing

Payments are processed by Stripe; card details never reach our servers. Subscriptions can be managed or canceled through the billing portal in your account settings, and deleting your account cancels any active subscription.

Data deletion

  • Delete individual chats, or all chats at once
  • Delete your terminal sandboxes
  • Revoke links to chats you have shared
  • Delete your account, which removes database records, cancels your Stripe subscription, and deletes your authentication record
  • Deleting and recreating an account does not reset usage limits or referral eligibility

Subprocessors

The following services process data on our behalf:

ProviderPurposeData categories
OpenRouterRoutes chat requests to third-party AI model providersPrompts, conversation context, file content, tool output
OpenAIContent moderationMessage content
PerplexityWeb search performed by the agentSearch queries from agent runs
Jina AIWebpage content retrieval for the agentURLs and retrieved page content
E2BCloud sandboxes for terminal and browser executionCommands, command output, files inside the sandbox
ConvexPrimary application databaseAccount data, chats, messages, files, settings
Amazon Web Services (S3)File storageUploaded files
Upstash / RedisRate limiting and response stream resumptionTransient identifiers and streaming state
WorkOSAuthentication and account managementEmail, name, sessions, MFA enrollment
StripePayments and subscription billingBilling contact and payment details (held by Stripe)
PostHogProduct analytics and error trackingUsage events and diagnostic data
Trigger.devBackground execution of long-running agent tasksTask payloads including conversation context
VercelApplication hostingRequest data processed by the web application

Responsible disclosure

Found a security vulnerability in HackerAI? Report it through the help center. We review all good-faith reports. We don't run a paid bug bounty program at this time.

Incident communication

For availability updates and scheduled maintenance, check the public status page. If an incident affects your data, we notify affected users through the service and the help center.

Source code

HackerAI is developed in the open. The full application source code is public on GitHub, including every change we ship. You can review how prompts, files, and sandbox sessions are handled directly in the code rather than relying on this page alone.

Compliance

HackerAI doesn't currently hold SOC 2, ISO 27001, or other third-party certifications. The service is offered in beta, as described in our Privacy Policy and Terms of Service. We'll update this page as our compliance program develops.