No remote shell
Runner jobs use reviewed executor types. The first supported executor is a Docker benchmark with fixed arguments, not server-supplied shell commands.
Trust model
Kompiut is a trust layer for verified work, not remote control.
Every path has to be explicit about what runs, what data is excluded, how work verifies, how fraud is handled and how the contributor can stop it.
Manual opt-in
A device cannot receive work until its owner has selected a reviewed path and accepted the path consent checklist.
Personal data stays out
Paths must exclude personal files, browser cookies, private keys, seed phrases, camera access and microphone access.
Proof before accounting
Runs need a receipt, output hash and verification result before any ledger entry appears. V1 ledger entries remain payout-disabled.
Kill switches
Kompiut can pause a path, device, global assignments or log upload while an issue is reviewed.
No partner claim by default
External projects stay review-required until workload, software, verification, abuse controls and wording are approved.