Security

Aitern is designed to run Shopify store operations with clear task history, scoped credentials, and reviewable outputs.

Operational controls

• Shopify access is scoped to the permissions needed by enabled workflows.
• Workflow history records what was requested, what ran, and what changed.
• Production secrets are stored in managed secret stores.
• Infrastructure changes are deployed through version-controlled release paths.

Reporting security issues

If you believe you found a security issue, email support@aitern.ai with a description, affected store or URL, reproduction steps, and any relevant timestamps.

Out of scope

Please do not perform destructive testing, access another merchant's data, interrupt service availability, or run automated scans against production systems without written permission.