| User management | Control how users log in to the published app. | You |
| Usage policy / access control | Control which users have access to which resources or parts of the app based on authorization. | You |
| IP / Copyright | You are responsible for reviewing that Agent output and your application respect intellectual property rights and copyright. | You |
| Information / Data | The data that is consumed, created, or displayed by the application. | You |
| Privacy notices and end-user consent | Privacy disclosures, cookie banners, and consents shown to your end users. | You |
| Regulatory compliance of your application | Meeting laws and regulations applicable to your app (for example, GDPR, CCPA, PHI, PCI DSS, HIPAA, SOC 2). | You |
| Penetration testing of your app | Security testing of the application you build. | You |
| Vulnerability disclosure for your app | Receiving and triaging security reports from researchers about your app. | You |
| Edge protection (anti-DDoS and WAF) | Volumetric and application-layer attack mitigation at the platform edge. | Replit |
| Published apps infrastructure | Where published apps run, infrastructure maintenance, platform vulnerability patching, and so on. | Replit |
| Encryption in transit and at rest | TLS for traffic; encryption of platform-stored data. | Replit |
| Application-layer encryption | Any app-level or field-level encryption needs and any external data stores they connect to. | You |
| Publishing lifecycle | Replit provides tools to select visibility of the published app (Private, Password-protected, Public); you are responsible for choosing the correct visibility. | Replit (mechanism) You (configuration) |
| Vulnerability management | Replit detects and alerts on vulnerabilities in dependencies of already-published apps; you mitigate and remediate them. | Replit (detection) You (remediation) |
| Logging and monitoring | Replit monitors platform availability and abuse signals; you are responsible for application-level logging and monitoring (errors, business events, user activity). | Replit (platform) You (app) |
| Backups and recovery | Backup of code of published apps and Replit-managed database contents. | Replit |