HQ is self-hosted admin software with tenant-scoped row-level security on every table. Self-hosted installs use a single default tenant, so all authenticated users share the workspace — treat anyone with a Supabase account as a full admin. HQ hosted manages these trust boundaries for you — each workspace gets a dedicated database and isolated runtime.

Trust boundaries

Supabase project

Stores all shared state. The service role key grants full database access — treat it like a database admin password.

Docker host

The gateway container runs agents with full access to the shared volume, Chrome, and the service role key.

Runner Docker socket

The runner mounts /var/run/docker.sock — root-equivalent access to the host. Any RCE in the runner owns the host.

noVNC endpoint

Remote desktop into the gateway container. Protected by VNC password, but do not expose directly to the public internet.
Use Tailscale or another private access layer for remote use. Do not expose noVNC or the files API directly to the public internet without a reverse proxy and auth layer.
Read the full security policy for detailed threat analysis, responsible disclosure, and hardening guidance.
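
An added example, not part of HQ's documentation or code: a Python audit over `docker inspect` JSON that flags the host-side exposures described above (a Docker socket mount, a port published beyond loopback, the service role key in a container's environment). The container names, volume name, port 6080, and the `SUPABASE_SERVICE_ROLE_KEY` variable name in the sample are constructed assumptions.

```python
import json

# Constructed sample shaped like `docker inspect` output. Container names,
# the port and the env var name are assumptions, not HQ's actual values.
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/gateway",
   "Config": {"Env": ["SUPABASE_SERVICE_ROLE_KEY=placeholder", "TZ=UTC"]},
   "HostConfig": {"Binds": ["hq-data:/data"],
     "PortBindings": {"6080/tcp": [{"HostIp": "0.0.0.0", "HostPort": "6080"}]}}},
  {"Name": "/runner",
   "Config": {"Env": ["TZ=UTC"]},
   "HostConfig": {"Binds": ["/var/run/docker.sock:/var/run/docker.sock"],
     "PortBindings": {}}},
  {"Name": "/gateway-private",
   "Config": {"Env": []},
   "HostConfig": {"Binds": null,
     "PortBindings": {"6080/tcp": [{"HostIp": "127.0.0.1", "HostPort": "6080"}]}}}
]
""")

LOOPBACK = {"127.0.0.1", "::1"}

def audit(containers):
    """Return (container, finding) tuples for the trust boundaries above."""
    findings = []
    for c in containers:
        name = c["Name"].lstrip("/")
        host = c.get("HostConfig") or {}
        # Docker socket bind mount: root-equivalent access to the host.
        for bind in host.get("Binds") or []:
            if bind.split(":")[0] == "/var/run/docker.sock":
                findings.append((name, "docker-socket-mounted"))
        # Ports published on anything but loopback (empty HostIp = all interfaces).
        for port, bindings in (host.get("PortBindings") or {}).items():
            for b in bindings or []:
                ip = b.get("HostIp") or "0.0.0.0"
                if ip not in LOOPBACK:
                    findings.append((name, f"published:{port}@{ip}"))
        # Service role key present in the container environment.
        for env in (c.get("Config") or {}).get("Env") or []:
            if "SERVICE_ROLE" in env.split("=", 1)[0].upper():
                findings.append((name, "service-role-key-in-env"))
    return findings

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_INSPECT):
        print(f"{name}: {finding}")
```

On a real host, pass it the parsed output of `docker inspect $(docker ps -q)`. A port bound to a private overlay address is still reported, so you can confirm the binding is intentional.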