Privacy & security

The security model is architectural, not a promise.

  • Scanner first, always. The regex secret scanner runs before any LLM call. The model never sees the raw diff — only a redacted, truncated version.
  • Critical findings abort drafting. A leaked key (e.g. sk-ant-…) stops the pipeline for that commit and logs which lines triggered it.
  • Keys stay on your machine. Env var or the 0600 config file — nowhere else.
  • No cloud, no database, no sync. Beacon's entire footprint is two JSON files under ~/.beacon/ plus a log at ~/.beacon/beacon.log. No telemetry, no accounts.
  • The browser UI is loopback-only and token-locked. beacon ui serves on 127.0.0.1 with a fresh per-session token on every request, plus a host-header allowlist — another website open in your browser cannot reach your drafts, and neither can the network. Its Content-Security-Policy forbids the page from calling anywhere but itself. Ctrl-C and it's gone.
  • No posting credentials. Beacon cannot publish anything. Approving a draft copies it to your clipboard — that's the only way content leaves the tool.