Security your team can verify, not just trust
Fleet is a single Go binary with no open ports and a local-first data plane — your source code never goes to Fleet. Every claim on this page is verifiable with standard tools.
Security-first architecture
Fleet was designed from day one to have the smallest possible attack surface. No network listeners, no external dependencies, no data exfiltration paths.
Single Go binary
One statically compiled binary. No runtime dependencies, no interpreters, no JIT. Minimal attack surface by design.
No container runtime
No Node.js, no Docker daemon, no container orchestration. Nothing running that you didn't explicitly start.
SQLite embedded database
All state in a single local file (~/.fleet/fleet.db). No database server, no network-accessible data store, no connection strings.
Unix domain sockets only
All inter-process communication via Unix domain sockets. Zero TCP ports opened. No network listeners, no attack vector from the network layer.
Your code stays private
Your source code is never sent to Fleet. It goes only to the model backend you choose and GitHub. When you connect Fleet to the dashboard, it reports operational metadata and usage metering — agent status, run counts, and run time — for your own visibility and billing, but never your code.
Local-first data plane
Your agents, code, and SQLite database run on your own infrastructure. An unregistered instance sends nothing at all; once connected, the control plane receives operational metadata and usage metering only.
Your data stays in your boundary
Your code, agents, and database run on your own infrastructure, and your source never goes to Fleet. Run the model on Bedrock or Vertex to keep it in your cloud. Outbound is limited to your model backend, GitHub, any work-item provider you connect (Linear/Jira), and — once registered — operational metering to the control plane. All configured by you.
- The Fleet binary and its SQLite database run on your infrastructure — no Fleet-hosted data plane
- Your code is shared only with the model backend you choose — the Anthropic API, or Amazon Bedrock / Google Vertex inside your own cloud
- Source code is never sent to Fleet; a registered instance reports operational metadata + usage metering (agent status, run counts, run time) to the control plane, never code
- SQLite database stored at ~/.fleet/fleet.db (configurable via FLEET_DB_PATH)
- Unix domain sockets for local IPC — fleet-internal data never traverses a network
- The only outbound connections are your model backend, GitHub, and any work-item provider you connect (Linear or Jira) — all configured by you and restrictable
Data sovereignty
Fleet runs local-first — an unregistered instance sends nothing. Claude Code's model backend is configurable: use the Anthropic API directly, or point it at Amazon Bedrock / Google Vertex to keep model traffic in your own cloud boundary. Outbound traffic is the model backend, GitHub, any work-item provider you connect (Linear or Jira), and — once registered — usage metering to the control plane. All are connections you configure and can audit.
Configurable model backend
Claude Code's model backend is configurable: use the Anthropic API directly, or point agents at Amazon Bedrock / Google Vertex to keep model traffic inside your own AWS or GCP account.
No license server or activation
Download once and run. No license check, no activation call, no per-run authorization — the binary needs nothing from us to operate.
No package manager dependency
Single binary download. No npm, pip, apt, brew, or any package manager required for installation or operation.
No runtime downloads or auto-update
Everything Fleet needs is compiled into the binary. No dynamic module loading, no remote config, no CDN dependencies — what you download is exactly what runs.
Enterprise governance built in
Every governance feature ships in the binary. No add-ons, no enterprise tier unlock, no separate modules to install.
Per-agent budget enforcement
Set cost limits per agent with cumulative tracking. Agents that exceed budget are automatically stopped.
Complete audit trail
Unified fleet log captures every decision, every agent action, every approval — chronologically and immutably.
Pipeline approval gates
Multi-stage pipelines with mandatory human approval. Rejected work routes back with context for remediation.
Agent quarantine
Instantly isolate misbehaving agents. Quarantined agents cannot execute, publish events, or interact with the fleet.
Org hierarchy with RBAC
Org-tier and repo-tier agents with role-based access control. CEO, CTO, department heads, and scoped developers.
6-dimension eval scoring
Every agent run is scored across task output, reliability, quality, efficiency, collaboration, and cost.
Logistic regression risk model
8-feature risk model predicts agent failures before they happen. Proactive risk assessment on every run.
Dry-run validation
Validate agent behavior in dry-run mode before production deployment. No side effects until you approve.
Verify it yourself
Every security claim Fleet makes is independently verifiable. No trust required.
No network listeners
$ lsof -nP -iTCP -sTCP:LISTEN | grep fleet# (no output) — Fleet opens no listening portsSee exactly what leaves
$ sudo tcpdump -i any -n 'tcp port 443' # watch Fleet egress# your model backend, GitHub, and (once registered) the control plane — nothing elseSingle binary, zero dependencies
$ file $(which fleet)fleet: Mach-O 64-bit executable arm64$ otool -L $(which fleet)# only system librariesLocal data only
$ ls -la ~/.fleet/fleet.db-rw-r--r-- 1 user staff 245760 fleet.db$ sqlite3 ~/.fleet/fleet.db ".tables"agents events fabric_events pipelines ...Reporting vulnerabilities
We take security reports seriously. If you discover a vulnerability, we want to hear about it.
Report security vulnerabilities to
security@fleetctl.aiInclude a description of the vulnerability, steps to reproduce, and any relevant proof-of-concept. We will acknowledge receipt within 24 hours and provide a detailed response within 72 hours.
Ready for a security architecture review?
Our team will walk your security engineers through Fleet's architecture, data handling, and governance model.