Modu Data Processing and Compliance Overview

1. GitHub and Slack Integration

When you connect GitHub or Slack to Modu:

• OAuth Authentication:Modu uses industry-standard OAuth flows to request access.
• Minimal Scopes:We request only the minimum permissions needed. For GitHub, that typically means read-only access to repositories. For Slack, it's permission to read messages where Modu is directly mentioned.
• No Persistent Tokens:OAuth tokens are stored in memory only during the session and are discarded after use.

2. Code Handling and Virtual Machine Isolation

When a user prompts Modu to work with their code:

• Temporary Code Download:Code is downloaded from GitHub using the in-memory token.
• Isolated VM Execution:The code is analyzed and modified on a purpose-built virtual machine.
• Ephemeral Compute:Each VM is destroyed after the session ends — including all code, logs, and transient files.
• No Code Retention:Modu does not store your code or any derivative artifacts after the session.

3. Slack Message Access

Modu listens for prompts in Slack and:

• Reads Only What's Needed:It processes only messages that mention @Modu or are in authorized threads.

4. Compliance and Best Practices

• Data Minimization:We collect the bare minimum required to complete a request.
• No Background Processing:All actions are user-prompted — no scanning, crawling, or indexing is done in the background.
• Auditability:Every action Modu takes is scoped to a specific request initiated by the user.
• No Third-Party Code Sharing:Code is never shared or transmitted outside your session.

5. Security Principles

• Ephemeral Infrastructure:No persistent environment or storage.
• Token Handling:Tokens are never logged or persisted.
• Isolation by Design:Each user session is fully sandboxed.
• Transport Security:All data is transferred over encrypted channels (TLS 1.2+).