Trust Center

Last updated: March 28, 2026

      Summary: All Samurai Labs apps are built exclusively on Atlassian Forge.
      Customer data is processed and stored entirely within Atlassian's infrastructure.
      We operate no external servers. All apps undergo automated security testing
      covering injection prevention, access control, and data integrity.
    

Forge-Native

100% Atlassian Forge — no external servers, no self-hosted infrastructure, no Connect legacy.

Zero Customer Data Egress

Customer data never leaves Atlassian's infrastructure. No analytics, no tracking, no external AI.

Tenant Isolation

Each installation's data is isolated at the Forge platform level — not just by application code.

Automated Security Testing

All apps have backend and frontend test suites with security-specific cases run on every change.

1. Architecture & Data Flow

Every Samurai Labs app is built on Atlassian Forge, Atlassian's first-party serverless platform. This architecture provides security guarantees enforced at the platform level — not just by our code:

Layer	How It Works
Compute	Sandboxed Forge runtime — each invocation is isolated. No access to host OS, other apps, or unrestricted network.
Storage	Forge SQL (relational) and Forge KVS (key-value) — both tenant-isolated and encrypted at rest by Atlassian.
Network	No outbound HTTP calls to external services. All communication is between the app and Atlassian's own APIs, within Atlassian infrastructure. The only exception is error reporting to Sentry (see Subprocessors).
Authentication	Atlassian identity — no separate login system. Admin features require Atlassian admin role, verified at the resolver level.
AI (SmartTag only)	Forge LLMs (Atlassian-hosted). No content sent to external AI providers. Inputs truncated to limit scope.
Patching	Forge runtime is patched by Atlassian automatically. No servers for us to forget to patch.

2. Data Handling

No customer data egress: Customer data (issues, pages, costs, audit logs, labels, settings) is never transmitted outside of Atlassian's infrastructure.
Tenant isolation: Forge SQL and KVS are partitioned per Atlassian site. Data from one organisation is inaccessible to another — enforced by Atlassian at the platform level.
Encryption: Data in transit uses HTTPS/TLS. Data at rest is encrypted by Atlassian's managed infrastructure.
No tracking or analytics: We do not embed any third-party analytics, tracking pixels, or telemetry SDKs in our apps. No Google Analytics, no Mixpanel, no Amplitude.
Privacy automation: All apps include automated privacy processing to support data subject requests and retention policies.

3. Code Security Controls

Threat	Control
SQL Injection	All queries use parameterized bind parameters — no dynamic string construction in SQL.
JQL Injection	All JQL uses a shared escape utility to sanitise user input before embedding.
CSV Formula Injection	All CSV exports sanitise dangerous characters (`=`, `+`, `-`, `@`, tab, CR) to prevent spreadsheet injection.
URL Injection	All Atlassian API calls use tagged template literals to prevent URL manipulation.
ReDoS	User-supplied values are subject to length limits and safe regex construction.
Input Validation	Configuration values validated against allowlists before persistence.
Resource Exhaustion	Batch operations are chunked with defined limits, content size is capped, and concurrency is bounded.
Information Leakage	Internal stack traces are never exposed to the frontend. Errors are reported to Sentry for developer observability only.

4. Authentication & Access Control

No separate credentials: Users authenticate through their existing Atlassian account. We store no passwords, tokens, or session data.
Admin-gated features: All configuration, data exports, and destructive actions require Atlassian admin permissions, checked at the resolver level before execution.
Destructive action confirmation: All delete, reset, and archive operations require an explicit user confirmation dialog. No one-click destructive actions.

5. AI Safety

SmartTag for Jira and SmartTag for Confluence include AI-powered features for automatic classification and tag suggestion. The following controls apply:

Atlassian-hosted models only: SmartTag uses Forge LLMs, which run within Atlassian infrastructure. No content is sent to external AI providers.
Input truncation: Inputs are truncated before processing, limiting the data scope and reducing prompt injection surface.
No training on your data: Forge LLMs do not use customer data for training or fine-tuning. Each inference call is stateless.
Scoped usage: AI is applied only to content designated for classification (issue text, page content). Financial data, audit logs, and IP addresses are never processed by AI.

6. Per-App Security Notes

App	Data Handled	Additional Controls
CostLens (Jira)	License data, user activity, cost allocations	Financial data never exposed to AI. Paginated queries for large datasets. Sync cooldowns to prevent API abuse.
GuardRail (Jira)	Audit logs, IP addresses, compliance reports	Admin authentication on all read resolvers. IP validation with ReDoS protection. Anomaly data stays tenant-local.
SmartTag (Jira)	Issue text, labels, AI suggestions	AI inputs truncated. Forge LLMs only. Labels governance with undo support.
SmartTag (Confluence)	Page content, labels, taxonomy	Content truncated before AI processing. SSN regex hardened against ReDoS. Knowledge graph capped to prevent O(n²) operations.
PagePulse (Confluence)	Page metadata, health scores, engagement	Privacy anonymisation on user data. Optimised SQL usage to stay within Forge quotas. Batch operations for large spaces.
ServiceCost (Compass)	Cost data, budgets, component mappings	Settings validated against allowlists. Privacy anonymisation on budget requests. CSV exports sanitised.

7. Compliance Readiness

All apps run on Atlassian Forge, which holds its own compliance certifications including ISO 27001, SOC 2, and others documented at atlassian.com/trust.

Our apps are designed to support your compliance posture:

GuardRail: Audit log analysis, anomaly detection, risk scoring, and pre-built compliance frameworks for HIPAA, PCI DSS, SOC 2, and custom frameworks.
CostLens & ServiceCost: Financial controls and cost allocation transparency supporting FinOps governance programmes.
SmartTag & PagePulse: Data governance, content lifecycle management, retention policy enforcement, and content classification for information governance requirements.

8. Subprocessors

Subprocessor	Purpose	Data Sent
Atlassian	Hosting platform (Forge runtime, storage, identity)	All app data — processed and stored entirely within Atlassian infrastructure.
Sentry	Error monitoring and crash reporting	Error messages, stack traces, and app context for debugging. No customer content, no PII, no user-generated data. Error envelopes contain only technical diagnostic information (function names, error types, plugin identifiers).

We do not use any additional third-party services. No analytics, no CDNs, no external databases, no AI providers beyond Atlassian's own Forge LLMs.

9. Vulnerability Reporting

If you discover a potential security issue in any Samurai Labs app:

Email: support@banhidy.hu with subject "Security Vulnerability Report"
Include: app name, vulnerability description, reproduction steps, and impact assessment.
We acknowledge receipt within 48 hours and provide initial assessment within 5 business days.
We practise coordinated disclosure — please allow us reasonable time to investigate and release a fix before public disclosure.

10. Atlassian Marketplace Programmes

Runs on Atlassian: All apps are Forge-native, qualifying for Atlassian's "Runs on Atlassian" trust signal.
Ecoscanner: Apps are subject to Atlassian's automated cloud app security scanning.
Security Bug Fix Policy: We adhere to Atlassian's Marketplace security bug fix SLA requirements.

11. FAQ

Where is my data stored?

All data is stored in Forge SQL and Forge KVS, which run on Atlassian's infrastructure. Data residency follows your Atlassian site's configuration. We operate no external databases or storage.

Do your apps make external API calls?

The only external service is Sentry for error monitoring. Error reports contain technical diagnostic data only (stack traces, error types) — never customer content or personally identifiable information. All other communication is between the app and Atlassian's own APIs.

Do AI features send my data to OpenAI or other providers?

No. SmartTag's AI features use Forge LLMs, which are Atlassian-hosted models running within Atlassian infrastructure. No content is sent to OpenAI, Anthropic's external API, Google, or any other external AI provider.

Can other tenants access my data?

No. Forge enforces tenant isolation at the platform level. Each Atlassian site's app data is stored in its own isolated partition, inaccessible to other installations — even of the same app.

Do you hold SOC 2 or ISO 27001 certification?

Samurai Labs does not currently hold independent certifications. However, all apps run on Atlassian Forge, which is covered by Atlassian's SOC 2, ISO 27001, and other certifications documented at atlassian.com/trust.

How do I request data deletion?

Contact support@banhidy.hu. All apps include built-in privacy automation that supports data subject requests. Uninstalling the app removes all Forge-stored data for your site.

12. Contact

For security questions, data processing inquiries, or compliance documentation requests:

Email: support@banhidy.hu
Support hours: Mon–Fri, 10:00–18:00 CET
Security statement: Full security statement
Privacy policy: Privacy policy
Terms of service: Terms of service