Aster Security Model

Aster security is defined by the active gateway distribution. Auth modules declare scopes, route modules declare their surface, and runtime services enforce user/app access through Effect service boundaries.

The sandbox boundary is still the primary execution boundary for agent work. Gateway modules project only the spaces, tools, skills, extensions, apps, and marketplace sources selected by the distribution or installed by the user.

Concrete providers such as database, analytics, and observability adapters live outside @aster/gate, so custom distributions can swap infrastructure without changing the core runtime.