Privacy & security
The security model is architectural, not a promise.
- Scanner first, always. The regex secret scanner runs before any LLM call. The model never sees the raw diff — only a redacted, truncated version.
- Critical findings abort drafting. A leaked key (e.g. sk-ant-…) stops the pipeline for that commit and logs which lines triggered it.
- Keys stay on your machine. Env var or the 0600 config file — nowhere else.
- No cloud, no database, no sync. Beacon's entire footprint is two JSON files under ~/.beacon/ plus a log at ~/.beacon/beacon.log. No telemetry, no accounts.
- The browser UI is loopback-only and token-locked. beacon ui serves on 127.0.0.1 with a fresh per-session token on every request, plus a host-header allowlist — another website open in your browser cannot reach your drafts, and neither can the network. Its Content-Security-Policy forbids the page from calling anywhere but itself. Ctrl-C and it's gone.
- No posting credentials. Beacon cannot publish anything. Approving a draft copies it to your clipboard — that's the only way content leaves the tool.