01 — Architecture
Security Architecture Overview
GeneWorks is designed as a client-proxied, credential-local platform. The most sensitive aspect of any ServiceNow automation tool is the management of instance credentials. GeneWorks resolves this by eliminating server-side credential storage entirely.
When you connect a ServiceNow instance, your credentials are stored only in your browser's localStorage. API calls are constructed client-side and transmitted directly from your browser to your ServiceNow instance. At no point do your credentials pass through GeneWorks infrastructure.
GeneWorks operates as a "thin client" for credential-sensitive operations. We cannot access your ServiceNow instance, read your data, or execute actions on your instance independently of your active browser session.
- No server-side credential storage — Credentials live only in your browser localStorage
- No database of customer instance data — GeneWorks holds no copy of your ServiceNow records
- Direct browser-to-instance communication — No intermediary proxy for credential-bearing requests
- Session-scoped execution — Agents cannot act autonomously outside your active session
- All changes packaged as reversible Update Sets — No untracked direct modifications to your instance
- Impact Analysis before every execution — Risk scored before any API write call is made
02 — Credentials
Credential Management
Your ServiceNow credentials — instance URL, username, and password — are stored in your browser's localStorage. This storage mechanism is:
- Scoped to your origin: Browsers scope localStorage strictly by origin. Pages served from any other origin, in any tab, cannot access data stored by GeneWorks.
- Never transmitted to GeneWorks servers: Credentials stored in localStorage are never included in requests to GeneWorks infrastructure. They are only used to construct direct API calls to your ServiceNow instance.
- Cleared on demand: You can remove your credentials at any time via the GeneWorks Settings panel or by clearing your browser's localStorage. This is an immediate, permanent operation.
We strongly recommend using a dedicated GeneWorks service account on your ServiceNow instance rather than a shared administrator account. This provides a clean audit trail and allows you to revoke GeneWorks access independently of other administrator accounts.
03 — Data in Transit
Data in Transit
All data transmitted between GeneWorks and external services is encrypted in transit:
- Browser to ServiceNow: All REST API calls from GeneWorks to your ServiceNow instance use HTTPS with TLS 1.2 or 1.3. GeneWorks will refuse to connect to an instance endpoint that does not serve a valid HTTPS certificate.
- Browser to AI Model APIs: Task prompts sent to AI model providers (Anthropic Claude, Google Gemini) are transmitted over HTTPS to the respective provider endpoints.
- Contact Form Submissions: Contact form data is transmitted over HTTPS to Formspree's servers and forwarded to our designated email address.
GeneWorks does not transmit any data over unencrypted HTTP connections. If your ServiceNow instance is not accessible via HTTPS, GeneWorks cannot connect to it.
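The two rules above (credentials go only to your ServiceNow instance, and only over HTTPS) can be enforced at the point where a request is built. The following is an added example, not GeneWorks code: buildInstanceRequest, the creds field names and the use of HTTP Basic authentication are assumptions, and the sample values are constructed.

```javascript
// Added example. buildInstanceRequest and the creds field names are hypothetical.
function utf8Base64(s) {
  // btoa only accepts Latin-1, so encode to UTF-8 bytes first.
  return btoa(String.fromCharCode(...new TextEncoder().encode(s)));
}

function buildInstanceRequest(creds, path) {
  const base = new URL(creds.instanceUrl);
  if (base.protocol !== "https:") {
    throw new Error("instance URL must use https, got " + base.protocol);
  }
  if (base.username || base.password) {
    throw new Error("instance URL must not embed credentials");
  }
  // Resolve the path against the instance origin. Absolute ("https://other/x"),
  // protocol-relative ("//other/x") and backslash ("\\other/x") forms all
  // parse to a different origin, so compare origins after resolution.
  const target = new URL(path, base.origin + "/");
  if (target.origin !== base.origin) {
    throw new Error("refusing to attach credentials for " + target.origin);
  }
  return {
    url: target.href,
    headers: {
      Authorization: "Basic " + utf8Base64(creds.username + ":" + creds.password),
      Accept: "application/json",
    },
  };
}

// Constructed sample values, not a real instance or account.
const SAMPLE_CREDS = {
  instanceUrl: "https://snow.example.com",
  username: "gw_service_account",
  password: "constructed-password",
};
```

Passing the returned url and headers to fetch keeps the Authorization header off every request whose origin differs from the stored instance URL.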
04 — AI Execution Security
AI Execution Security
The GeneWorks agent network interacts with your ServiceNow instance only within the boundaries of the task you explicitly submit. Agents operate under strict architectural constraints:
- Bounded scope: Each specialist agent operates within a confined prompt context with explicit domain boundaries. The ITSM Agent cannot affect ITOM configurations; the Platform Admin Agent cannot write business rule code. Cross-domain contamination is structurally prevented.
- No autonomous background execution: GeneWorks agents do not execute any actions against your instance outside of an active user session. There are no scheduled background jobs, no webhooks that can trigger agent execution without user initiation, and no persistent connections to your instance between sessions.
- Prompt injection resistance: Agent prompts are structured to separate system instructions from user input. Content submitted in the Knowledge Base or task description cannot override agent behaviour, security constraints, or governance rules.
- Read before write: Before creating or modifying any artifact, the responsible agent queries the current state of the target table or record to understand existing configurations. This reduces the risk of overwriting existing logic unintentionally.
05 — Access Control
Access Control & Permissions
GeneWorks respects and operates within the permission model of your ServiceNow instance. Agents can only perform actions that the provided service account credentials are authorised to perform. GeneWorks does not attempt to escalate privileges or circumvent ACL restrictions.
For Enterprise plan customers with multi-user workspaces, GeneWorks provides a workspace-level user management system. User credentials for the GeneWorks workspace are stored in browser localStorage and are scoped to your workspace session.
Best practice: Create a dedicated gw_service_account on your ServiceNow instance with only the roles required for your use case. For ITSM-only work, itil_admin is typically sufficient. For platform administration tasks, admin is required.
06 — Instance Hygiene
ServiceNow Instance Hygiene Recommendations
To maintain the highest security posture when using GeneWorks, we recommend the following practices for your ServiceNow instance:
- Use a dedicated GeneWorks service account with the minimum required roles — never share credentials with other administrators
- Enable audit logging on the service account to maintain a full record of all API calls made by GeneWorks agents
- Review Update Sets in a non-production environment before committing to production — GeneWorks generates the Update Set, but human review before production commit remains your responsibility
- Set session timeout policies on the service account appropriate for your organisation's security requirements
- Revoke the GeneWorks service account credentials immediately if you suspect any unauthorised access or misuse of the GeneWorks platform
- Monitor the sys_audit table for activity from the GeneWorks service account as part of your regular platform security reviews
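One way to carry out the sys_audit review recommended above, as an added example that is not GeneWorks or ServiceNow code. The function names, the policy shape (allowed tables plus the time windows in which you had a GeneWorks session open) and the sample rows are assumptions and constructed data; the column names are those of the sys_audit table, with timestamps taken as UTC.

```javascript
// Added example; the policy shape and the table lists are assumptions.
const SENSITIVE_TABLES = new Set(["sys_user_has_role", "sys_security_acl", "sys_user"]);

// Table API path returning audit rows written by one account since a timestamp.
function auditQueryPath(account, sinceUtc) {
  const q = `user=${account}^sys_created_on>=${sinceUtc}^ORDERBYsys_created_on`;
  return "/api/now/table/sys_audit?sysparm_query=" + encodeURIComponent(q);
}

// Flag rows by the service account that fall outside a recorded session,
// touch a sensitive table, or touch a table the use case does not need.
function reviewAudit(rows, policy) {
  const findings = [];
  for (const r of rows) {
    if (r.user !== policy.account) continue;
    const at = Date.parse(r.sys_created_on.replace(" ", "T") + "Z");
    const inSession = policy.sessions.some(
      (s) => at >= Date.parse(s.start) && at <= Date.parse(s.end));
    const reasons = [];
    if (!inSession) reasons.push("outside-session");
    if (SENSITIVE_TABLES.has(r.tablename)) reasons.push("sensitive-table");
    else if (!policy.allowedTables.includes(r.tablename)) reasons.push("unexpected-table");
    if (reasons.length) {
      findings.push({ when: r.sys_created_on, table: r.tablename, reasons });
    }
  }
  return findings;
}

// Constructed sample data.
const SAMPLE_POLICY = {
  account: "gw_service_account",
  allowedTables: ["incident", "problem", "change_request"],
  sessions: [{ start: "2024-05-14T09:00:00Z", end: "2024-05-14T10:00:00Z" }],
};
const row = (user, tablename, fieldname, sys_created_on) =>
  ({ user, tablename, fieldname, sys_created_on });
const SAMPLE_ROWS = [
  row("gw_service_account", "incident", "priority", "2024-05-14 09:12:03"),
  row("gw_service_account", "sys_user_has_role", "role", "2024-05-14 09:20:41"),
  row("gw_service_account", "incident", "state", "2024-05-15 02:47:10"),
  row("jane.admin", "sys_security_acl", "script", "2024-05-14 09:25:00"),
  row("gw_service_account", "cmdb_ci_server", "name", "2024-05-14 09:30:00"),
];
```

Rows flagged "outside-session" deserve attention first, since the platform is described as having no background execution between sessions.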
07 — Incident Response
Security Incident Response
In the event of a security incident affecting GeneWorks infrastructure or customer data, we commit to the following response process:
- Initial assessment: Within 24 hours of identification, we will assess the scope, severity, and nature of the incident
- Customer notification: Affected customers will be notified within 72 hours of confirmed impact, including the nature of the incident, data potentially affected, and steps taken or planned
- Remediation: We will take all reasonable steps to contain, remediate, and prevent recurrence of the incident and communicate progress to affected customers
- Post-incident review: A post-incident report will be made available to affected Enterprise customers within 30 days of resolution
Given GeneWorks's architecture — where credentials are stored client-side and no customer instance data is held on GeneWorks servers — the blast radius of any GeneWorks infrastructure incident is structurally limited. A compromise of GeneWorks servers cannot directly expose your ServiceNow credentials or data.
08 — Responsible Disclosure
Responsible Disclosure Policy
We welcome security researchers and the broader security community to responsibly disclose any vulnerabilities discovered in the GeneWorks platform. We are committed to working with researchers to understand, validate, and address legitimate security findings.
If you discover a potential security vulnerability in GeneWorks, please:
- Email a detailed description to our security team with the subject line "GeneWorks Security Disclosure"
- Include steps to reproduce the vulnerability, the potential impact, and any proof-of-concept code if applicable
- Allow us a reasonable timeframe (90 days) to investigate and remediate before public disclosure
- Do not attempt to access, modify, or exfiltrate customer data during your research
- Do not perform denial-of-service attacks, social engineering, or physical security tests
We will acknowledge receipt of your disclosure within 5 business days and provide updates on our investigation and remediation progress. We will not pursue legal action against researchers who follow this responsible disclosure policy in good faith.
09 — Customer Recommendations
Security Recommendations for Customers
GeneWorks provides strong security guarantees within our architectural boundaries. The following practices will help you maximise security across the full scope of your GeneWorks deployment:
- Browser security: Use GeneWorks only on trusted, organisation-managed devices with up-to-date browser software. Avoid using GeneWorks on shared or public computers.
- Session management: Log out of GeneWorks when your session is complete, especially on shared workstations. Clear browser localStorage if you have concerns about session persistence.
- Password strength: Use strong, unique credentials for your GeneWorks service account on ServiceNow. Do not reuse credentials across systems.
- Production caution: Always test GeneWorks-generated artifacts on a non-production instance before committing to production. GeneWorks provides ATF coverage, but it cannot test scenarios not described in your requirements.
- Access reviews: Periodically review the GeneWorks user list in your workspace and remove access for team members who no longer require it.
- Stay updated: Monitor the GeneWorks website for security advisories and platform updates. Material security updates will be communicated directly to registered customers.