Aster Security Model

Aster security is defined by Distro and enforced through Gate framework boundaries. Auth modules declare scopes, route modules declare their surface, and runtime services enforce user/app access through Effect service boundaries.

The sandbox boundary is still the primary execution boundary for agent work. Gate modules project only the spaces, tools, skills, extensions, apps, and marketplace sources selected by Distro or installed by the user.

Concrete providers such as database, analytics, and observability adapters live outside @aster/gate, so product runtimes can swap infrastructure without changing the framework.