BuddyAI Desktop is designed as a desktop-native AI workspace with support for multiple providers (OpenAI, Claude, Grok, local LLMs, etc.).

Security is a top priority, especially given:

• API key usage
• OAuth integrations
• Local and remote model execution
• Clipboard and screen capture features

We actively support the latest release.

Always upgrade to the latest version to receive security fixes.

If you discover a security vulnerability:

• ❌ Do NOT open a public GitHub issue
• ✅ Report privately via:
  • GitHub Security Advisory (preferred)

Provide as much detail as possible:

• Description of the issue
• Steps to reproduce
• Impact assessment
• Screenshots or logs (if applicable)
• Suggested mitigation (optional)

• Initial response: within 48 hours
• Triage & validation: 1–5 days
• Fix & release: depends on severity

BuddyAI follows a local-first, user-controlled security model.

• No forced cloud dependency
• No hidden data exfiltration
• User controls all provider connections
• Secrets remain on the user machine

BuddyAI may store:

• API keys (OpenAI, Anthropic, etc.)
• Provider configurations
• OAuth tokens

• Stored locally (user profile / app data)
• Never transmitted except to configured provider endpoints
• No telemetry collection of secrets

• Do not share config files publicly
• Do not commit API keys to GitHub
• Rotate keys regularly

BuddyAI supports OAuth-based providers.

• Tokens are stored locally
• Standard OAuth flows are used
• No credential interception

BuddyAI can connect to local endpoints:

• http://localhost:11434 (Ollama)
• http://127.0.0.1:1234 (LM Studio)

• Ensure endpoints are not exposed publicly
• Use firewall rules where applicable
• Avoid binding to 0.0.0.0 unless secured

BuddyAI processes:

• User input text
• Screenshots (optional)
• Clipboard data (Lens feature)

• Data is sent only to the selected provider
• No background transmission
• No logging of sensitive content unless user-enabled

BuddyAI includes a screen capture + AI analysis feature.

• Sensitive data capture (tokens, passwords, PII)

• User-initiated only
• No automatic capture
• Clear UI before submission

BuddyAI communicates only with:

• Configured AI providers
• User-defined endpoints

• Hidden telemetry
• Background analytics
• Third-party tracking

We recommend:

• Keeping dependencies updated
• Monitoring known vulnerabilities
• Avoiding untrusted NuGet packages

Contributors must:

• Never commit secrets
• Avoid hardcoded credentials
• Validate all external inputs
• Handle API errors safely
• Follow least privilege principles

• No secure enclave for key storage (relies on OS/user security)
• Local configs may be readable if system is compromised
• External providers control their own security posture

For enterprise environments:

• Use endpoint protection (EDR)
• Restrict outbound traffic to approved endpoints
• Enforce disk encryption (BitLocker)
• Use managed identities where possible (future support)
• Monitor usage of AI providers

Security fixes are released as part of normal updates.

Users should:

• Always run the latest version
• Monitor GitHub releases

We appreciate responsible disclosure and collaboration to improve security.

BuddyAI is built with:

• User-controlled data flow
• Local-first architecture
• Transparent provider communication

You control your data. Always.