Connection security
Understand scopes, secret handling, approvals, audit records, and account deletion behavior.
912a2708Least privilege#
Each connection exposes human-readable scopes before setup. Prefer the narrowest service, channel, label, workspace, and action set that completes the workflow.
Secret boundaries#
Tabbio does not display provider access tokens in the product. MCP personal tokens are shown once and stored as a one-way HMAC hash. Never paste tokens into a job post, CV, shared document, public issue, or chat transcript.
Side effects and audit#
Write-capable tools use explicit confirmation controls and record the action. Review pending approvals in Settings, then approve or reject from the authenticated Tabbio account.
Disconnect and delete#
Disconnecting stops future access. Account deletion also attempts to revoke all user connections; provider-side access can be reviewed separately for defense in depth.