Security Whitepaper

MudraForge
Security Posture

A transparent disclosure of our architecture, compliance alignment, threat mitigation strategy, and accountability framework for AI agent deployments in India.

Version 1.0 February 2026 MudraForge Engineering
Section 01

Scope & Applicability

This whitepaper documents the security architecture and compliance posture of all AI agents designed, deployed, and maintained by MudraForge — a boutique AI infrastructure agency based in Assam, India.

This document applies to:

  • Client-Facing Agents — WhatsApp, Website, Instagram, and Telegram bots deployed for end-customer interactions.
  • Internal Operations Agents — Staff-facing AI used for record sorting, inventory prediction, lead scoring, and workflow automation.
  • All environments — Production, staging, and development.

Disclosure: MudraForge follows ISO 27001-aligned information security practices. We are not yet ISO 27001 certified. This whitepaper serves as a transparent record of our current security posture and compliance roadmap.

Section 02

System Architecture

Every MudraForge agent operates on a Three-Layer Sovereign Architecture designed to separate concerns, limit blast radius, and provide full auditability.

                        flowchart TD
                            A["🌐 CLIENT TOUCHPOINT
WhatsApp · Web · Instagram · DM"] -->|HTTPS TLS 1.3| B
                            B["🛡️ LAYER 1: EDGE GATEWAY
Rate Limiting · Input Sanitization
Session Management · DDoS Protection"] --> C
                            C["🧠 LAYER 2: MULTI-MODEL REASONING
Intelligent Model Router + Failover
All inference within India region"] --> D
                            D["🔒 LAYER 3: MUDRA-SHIELD VAULT
Audit Logging · Policy Enforcement
Deviation Scoring · Alert Engine"]

                            style A fill:#1a1d24,stroke:#e2a86b,stroke-width:2px,color:#fff
                            style B fill:#1a1d24,stroke:#10b981,stroke-width:2px,color:#fff
                            style C fill:#1a1d24,stroke:#e2a86b,stroke-width:2px,color:#fff
                            style D fill:#1a1d24,stroke:#10b981,stroke-width:2px,color:#fff

Layer 1 — Edge Gateway

All traffic enters through Cloudflare Workers deployed on India-region Points of Presence. This layer handles TLS termination, adaptive rate limiting, input sanitization against known injection patterns, and session token management.

Layer 2 — Reasoning Engine (The Brain)

The core intelligence layer routes queries to the optimal model based on task type, latency requirements, and fallback conditions. No single model is a dependency. See Section 03 and Section 05 for details.

Layer 3 — Mudra-Shield Vault (The Ledger)

Every interaction is logged with a timestamp, session hash, model used, input/output pair, and a Deviation Score. This immutable audit trail powers weekly logic reviews and is available for regulatory inspection upon request.

Section 03

Model Stack & Reasoning Strategy

MudraForge does not depend on a single AI model. We operate a Multi-Model Reasoning Stack where each model serves a distinct purpose:

Model Role Inference Region Status
Gemini Flash Primary reasoning, search grounding, agentic logic Google Cloud India (Mumbai/Delhi) Active
Sarvam-M Indic language precision, cultural context, sovereign fallback Sarvam India Infrastructure Active
Claude (Anthropic) Constitutional safety verification, compliance auditing Anthropic India (Bengaluru) Planned Q2 2026
Edge-Lite (2B Params) Low-latency fallback for rural/2G connections Cloudflare Edge KV (India) Planned Q3 2026

Principle: We use global models for reasoning power, but all inference happens within Indian data centers. The intelligence is global; the data residency is sovereign.

Section 04

Data Residency & DPDP 2026 Alignment

MudraForge aligns with the Digital Personal Data Protection Act, 2023 and its associated Rules (released November 2025). Full compliance is mandated by May 12, 2027. We are ahead of schedule.

4.1 Data Classification

  • PII (Personal Identifiable Information): Names, phone numbers, email addresses collected during conversations. Encrypted at rest (AES-256) and in transit (TLS 1.3).
  • Business Logic: Client-specific rules, pricing structures, FAQ databases. Stored in isolated Cloudflare KV namespaces per client.
  • Conversation Logs: Retained per DPDP-compliant retention schedule. Auto-purged after the defined retention window unless client requests extension.

4.2 Data Residency Guarantee

All inference calls are routed to India-region endpoints. PII never leaves Indian jurisdiction. Cloudflare Workers execute on India PoPs (Mumbai, Delhi, Chennai). Google Gemini API calls are routed to asia-south1 (Mumbai) and asia-south2 (Delhi) regions.

4.3 Zero-Training Guarantee

MudraForge contractually ensures that no client conversation data is used for model training by any upstream provider. This is enforced via:

  • Google Gemini API's "No Data Use" policy for paid API tiers.
  • Sarvam AI's enterprise data isolation agreement.
  • Anthropic Claude's Constitutional AI data retention policy (zero retention for API calls).

4.4 Consent & Notice

Every agent deployed by MudraForge displays a First-Interaction Notice informing the end-user that they are communicating with an AI agent. Continued interaction constitutes informed consent as per DPDP Section 6. Clients are provided with a Data Processing Agreement (DPA) template as part of the onboarding package.

Section 05

Multi-Model Sovereign Failover

MudraForge agents are designed for zero-downtime resilience. If any model in the stack becomes unavailable, the system automatically degrades gracefully through a multi-tier failover chain.

5.1 Failover Principles

  • Automatic Degradation: If the primary model is unavailable, the system instantly routes to the next available model in the chain. No manual intervention required.
  • Sovereign Fallback: The final fallback layer uses pre-cached, client-approved deterministic responses — ensuring the customer never sees a "Server Down" message.
  • Logged Events: Every failover event is recorded in the Mudra-Shield Vault for post-incident review and SLA reporting.

Sovereign Failover Promise: If geopolitical events or policy changes restrict access to any foreign model, MudraForge can transition all clients to Indian-only models (Sarvam, IndiaAI Foundation Models) within 24 hours. All client knowledge bases are stored in a Portable Vector Format for instant model migration.

Section 06

The Detective Engine — Logic Audit System

The Detective Engine is MudraForge's proprietary Deterministic Verification Layer that checks every AI output against the client's business rules before delivery.

6.1 How It Works

  1. The Reasoning Engine (Gemini/Sarvam) generates a candidate response.
  2. The Detective Engine compares the response against the Mudra-Policy-Vector — a local database of the client's actual business rules (pricing, operating hours, service limits, prohibited claims).
  3. If the response violates any rule, the Detective vetoes it and substitutes a compliant alternative.
  4. Every veto is logged as a "Logic Deviation" with full context: what the model suggested, what the policy required, and what was delivered instead.

6.2 Human-Guided Refinement

The Detective Engine does not "auto-learn." Every deviation is reviewed by a MudraForge engineer during weekly Logic Patching sessions. Based on the review, the system instructions are refined to prevent recurrence. This ensures the agent becomes more accurate over time without the risks of unsupervised self-learning.

6.3 Deviation Reporting

Clients receive a monthly "Agent Health Report" summarizing:

  • Total interactions processed
  • Logic deviations caught and resolved
  • Accuracy score (target: 98.5%+)
  • Model usage breakdown (which brain handled which queries)
  • Recommendations for knowledge base improvements
Section 07

Threat Mitigation & Malicious Intent Protocol

7.1 Multi-Tier Threat Classification

MudraForge classifies incoming interactions through a multi-tier threat assessment system. Each interaction is scored in real-time and routed through escalating response protocols based on the assessed risk level — from standard processing for legitimate queries, through de-escalation for frustrated users, to advanced containment for coordinated attack patterns.

7.2 Advanced Containment

For high-confidence malicious interactions, MudraForge employs proprietary containment protocols designed to neutralize the threat while preserving forensic evidence. The system maintains session continuity to avoid alerting the attacker while securing all necessary data for post-incident analysis.

7.3 Reporting & Compliance

MudraForge operates a "Privacy-First, Safety-Second" protocol:

  • Vast majority of interactions: Fully anonymized. No PII retained beyond the active session.
  • Confirmed malicious events only: A structured "Incident Report" is generated and made available to the client for review and action.
  • Authority Reporting: Under the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules 2026, MudraForge complies with the duty to report criminal activity when detected. Reports are structured in a format compatible with the MeitY CERT-In intake process.

Privacy Safeguard: Rudeness and curiosity are NEVER reported or flagged. Only verified malicious intent — confirmed by our proprietary confidence scoring system — triggers incident protocols. We do not perform mass surveillance. We perform targeted defense.

Section 08

Accountability Framework

MudraForge operates under a "Designated Deployer" model. Unlike SaaS platforms that shift all liability to the client, we share accountability for the technical performance and safety of every agent we deploy.

8.1 Responsibility Matrix

Domain MudraForge Responsibility Client Responsibility
Agent Logic & Reasoning Full ownership. Weekly patching. Provide accurate business rules.
Data Security & Encryption Full ownership. AES-256 + TLS 1.3. Secure access to their own dashboards.
DPDP Compliance Technical compliance (data residency, consent, retention). Legal compliance (Data Fiduciary registration, grievance officer).
Model Hallucination Handling Detective Engine + Logic Audit. Review monthly Agent Health Reports.
Malicious Intent Response Detection, recording, and reporting. Decide on follow-up actions (legal, block user).
Uptime & Failover Multi-model failover, proactive monitoring. None (MudraForge handles all infrastructure).

8.2 Incident Response SLA

  • Critical (Agent hallucination causing financial/medical harm): Response within 1 hour. Agent paused until fix confirmed.
  • High (Logic deviation not caught by Detective): Response within 4 hours. Emergency patch deployed.
  • Medium (Feature malfunction, wrong formatting): Response within 24 hours.
  • Low (Cosmetic issues, minor phrasing): Addressed in next weekly patching session.
Section 09

Compliance Posture Summary

Standard / Regulation Status Notes
DPDP Act 2023 + Rules 2025 Aligned India-region inference, consent notices, 90-day retention, DPA templates
IT (Intermediary Guidelines) Rules 2026 Aligned AI-generated content labeling, duty to report
India AI Governance Guidelines (Nov 2025) Aligned Trust, Accountability, Understandable by Design, Safety
ISO 27001:2022 Aligned (Not Certified) Following framework principles. Certification planned post ₹20L ARR.
ISO 42001 (AI Management) Monitoring Standard under development. MudraForge tracking for future adoption.
GDPR (EU) Partial Applicable only if client serves EU customers. DPA covers cross-border scenarios.
Section 10

Security Contact

For security-related inquiries, vulnerability reports, or compliance questions:

  • Email: hello.mudraforge@gmail.com
  • Subject Line Convention: [SECURITY] Brief description
  • Response Time: Within 24 hours for security inquiries.

We encourage responsible disclosure. If you discover a vulnerability in any MudraForge-deployed agent, please report it to us before public disclosure. We will acknowledge your contribution.

Questions About Our Security?

We believe in radical transparency. If something isn't covered here, ask us directly.

← Trust Center Talk to an Architect