File Security
Every file uploaded to MeetLoyd passes through a zero-trust security pipeline before it reaches an agent. This guide explains how the platform protects your organization from file-based threats.
How It Works
When you drop a file into a chat or upload it through the API, MeetLoyd runs a multi-layer scan before the file is stored or processed:
- File identity verification -- Every file is verified to be what it claims to be. A disguised file is caught immediately.
- Content threat scanning -- Files are inspected for malicious content, embedded threats, and known attack patterns.
- Credential detection -- The platform detects accidentally included secrets such as API keys and credentials before they reach an agent.
- Prompt injection detection -- Text extracted from documents is checked for adversarial content that could manipulate agent behavior.
Only files that pass every check are stored and made available to your agents.
Vision Support
MeetLoyd supports image uploads (PNG, JPG, GIF, WebP) up to 20 MB. When you attach an image to a conversation with an agent that uses a vision-capable model (such as Claude Sonnet, GPT-4o, or Gemini Pro), the agent can see and analyze the image directly.
Images go through the same security pipeline as documents -- file identity is verified and the content is scanned before the agent receives it.
Drag and Drop
You can drag files directly into the chat panel. Drop one or more files onto the message area, add an optional message, and send. Files appear as removable chips below the input before you send, so you can review or remove them. Up to 10 files can be attached per message.
What Happens When a Threat Is Detected
When the security pipeline detects a threat:
- The file is blocked -- It is not stored, not parsed, and not shown to any agent. The upload returns an error with a description of what was found.
- A security event is logged -- The platform records the event with details about the threat type, severity, file name, and the user who attempted the upload.
- Admins are notified -- Security events appear in real time on the Security Center dashboard. Critical and high-severity events are flagged for immediate attention.
- The file is quarantined -- Blocked files are moved to a secure quarantine location where they cannot be accessed. Admins can review quarantined files during investigation.
No manual configuration is required. The security pipeline is always active for every tenant.
Threat Categories
MeetLoyd detects a wide range of file-based threats including:
- Disguised files -- Files that claim to be one type but are actually another
- Malicious content -- Documents containing embedded threats or harmful code
- Credential leaks -- Files that accidentally contain API keys, passwords, or connection strings
- Adversarial content -- Text designed to manipulate agent behavior
- Suspicious references -- Files containing links to known-bad or obfuscated destinations
The detection engine is continuously updated to address emerging threat patterns.
Supported Formats
For the best security coverage and compatibility, use modern file formats:
| Recommended | Avoid |
|---|---|
| DOCX, XLSX, PPTX | DOC, XLS, PPT (legacy formats) |
| Executable formats (.exe, .bat, .ps1) | |
| PNG, JPG, WebP | Unknown or uncommon formats |
Legacy Office formats are restricted by default due to their higher risk profile. Convert to modern formats before uploading.
Enterprise: Encryption and Tenant Isolation
Best Practices
| Practice | Why |
|---|---|
| Use modern Office formats | DOCX, XLSX, and PPTX are safer and better supported than legacy formats |
| Remove credentials before uploading | While the scanner catches many patterns, avoid uploading files that contain secrets |
| Review security events regularly | Check the Security Center for blocked uploads that may indicate a compromised account |
| Enable CMEK on Enterprise | Adds an extra layer of protection for sensitive files at rest |