Resources
Security
How Dravo Hood handles credentials and protects its surfaces.
Dravo Hood is a read-oriented intelligence platform. It does not custody funds, request wallet connections, or execute transactions on your behalf, which keeps its security surface deliberately small.
Credential handling
- AI and provider credentials live only in server-side environment configuration.
- All AI calls happen on the server; API keys never reach the browser.
- Internal errors are logged server-side only — response bodies, headers, keys, and system prompts are never exposed to the client.
Your responsibility
Dravo helps you verify contracts, but the decision to interact with one is yours. Use Inspect to confirm verification, ownership, and permissions before trusting any deployment, and confirm token addresses against official documentation.
Report a concern
If you believe you have found a security issue, reach the team through the official channels listed on the Contact page.
