Terminaili
Menu
Security

Security posture.

API keys

  • Keys are displayed once on creation and thereafter shown only by prefix or masked form.
  • API keys can be rotated or revoked from the account dashboard.
  • Keys suspected of compromise may be paused while the owner is contacted.

Hosted routing

Public readiness exposes model IDs, status, and capability signals without provider credentials or internal node details.

Abuse and spend controls

  • Starter access is limited to reduce account and infrastructure risk.
  • Spend controls, balances, request history, and rate limits reduce surprise usage.
  • Suspicious traffic can be blocked by key, account, policy, or route.

Operational monitoring

Health, readiness, capacity, request status, latency, errors, deployment checks, OpenAI-compatible configuration, and authenticated chat are monitored.

Vulnerability reports

Send reports to security@terminaili.com with the affected URL, impact, steps to reproduce, and whether credentials or request data were exposed. We prioritize reports that affect account access, key secrecy, billing, or model traffic.