Network Security
Outbound-only. Customer-controlled. Auditable.
Outbound surface
- LLM provider endpoints
HTTPS to whichever provider the customer configures. No PeerAI-controlled proxy.
- Customer database endpoints
Customer-supplied connection string. TLS recommended and supported.
- Release / update checks
Studio polls the public release manifest at storage.googleapis.com. Customer-toggleable.
- Optional outbound — Sentry, Arize, Marketplace
All toggleable; off by default in privacy-conscious deployments. Marketplace traffic is optional and only used when customer browses the marketplace.
Subprocessors
Inbound surface
- Local sidecar ports
Python :8765, Rust TestDataGen :8766, Python DataMigration :8767. Bound to localhost; not exposed to network. Authenticated IPC between Studio and sidecars.
- No inbound from PeerAI
PeerAI does not initiate connections to Studio. There is no remote-management plane.
Egress controls
- Customer firewall compatible
Studio operates correctly behind customer egress controls; allowlist the LLM provider, the customer's database, and (optionally) storage.googleapis.com for updates.
- Proxy support
HTTPS proxy honoured via standard environment variables.