Credential Storage
Connexsus stores third-party credentials through the encrypted vault model used by integrations. OAuth tokens and API keys are never exposed on public pages and remain bound to authenticated project workflows.
Project Isolation
Provider assignment, registry toggles, and MCP tool visibility remain project-aware. Public SEO pages describe published provider metadata only and do not leak connected state, installs, or any private runtime context.
Operational Guardrails
Connexsus uses audit events, feature flags, and validation layers across catalog, ingest, and runtime provider flows. That structure helps teams ship MCP providers without turning every client into a one-off secret distribution problem.