Destructive actions need approval
Deleting a page, post, media item, or user, installing or activating a plugin, and bulk operations all require an explicit approval step. Approval tokens expire after 10 minutes.
Per-tool governance lets you turn any individual tool on or off for a site, so you decide exactly what an AI is allowed to do.
Your content never leaves your server
Respira records operation outcomes only: which action ran, on which resource, how many lines changed, and which builders and plugins were detected. It does not collect, store, or transmit your page or post content, and it cannot see your site content from its dashboard or internal tools.
When you connect an AI tool such as Claude, ChatGPT, or Cursor, the prompts and content you send to that tool are handled under that tool's own terms, not Respira's.
Every action is logged
Each key action is recorded: who, when, what resource, the result, and which AI client and version made the call. The audit log lives on your site, under your control.
Infrastructure and compliance, EU data residency, encryption in transit and at rest, Postgres row-level security, GDPR, and sub-processors, live on the Trust Center.