# Overview {% hint style="info" %} _{Cycle once:} _{**what is secret**}_, _{**where it is stored**}_, _{**how you prove it with Test**}_. {% endhint %}

_{This page means}

This chapter is	This chapter is not
_{Habits & boundaries for operators}	_{A guarantee that every third-party API stays backward compatible forever}
_{Aligned with how Settings & Test behave}	_{Legal advice or SOC2 attestation language}

_{Read in this order}

{% stepper %} {% step %} _**First** [_{What counts as a secret}](/security-and-privacy/what-counts-as-a-secret.md) _{so you share vocabulary.} {% endstep %} {% step %} _**Second** [_{How credentials are stored}](/security-and-privacy/credentials-in-aria.md) _{so “encrypted at rest” means something specific in production.} {% endstep %} {% step %} _**Third** [_{What ARIA can do with each key}](/security-and-privacy/what-aria-can-do-with-a-key.md) _{so you scope tokens at the vendor with intent.} {% endstep %} {% step %} _**Fourth** _{Then pick the slice that matches your risk this month: Stripe, outbound comms, Notion, sessions, or devices.} {% endstep %} {% endstepper %} ***

_{Ask a question}

_{If someone pasted one key into the wrong place on day one, which key would hurt most?}
_{Open that vendor’s least-privilege page tonight, not “eventually.”}

*** --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.ariaagi.com/security-and-privacy/overview.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.