Security model
MultiGrid separates local application data, operating-system credentials, upstream providers and optional hosted services. Local-first does not mean every request remains on-device: cloud model requests are sent to the provider you select.
Credentials
The native Tauri shell stores provider keys and hosted session tokens through Windows Credential Manager, macOS Keychain or Linux Secret Service. Secrets are supplied only to the loopback gateway process and should never enter SQLite, logs or API responses.
Local data
Conversations, routes, analytics, agents, memory, tasks and execution records are persisted locally in SQLite. Anyone with access to the local operating-system account or an unencrypted device backup may be able to read that database.
Network exposure
The development gateway binds to loopback by default. A local gateway API key can protect compatible clients. Optional hosted inference requires a MultiGrid application key or user session and is distinct from private desktop administration endpoints.
Third-party providers
When you select a cloud model, prompts and related content are processed under that provider’s terms and privacy practices. Review model-specific data-use disclosures before sending sensitive information.
Report a vulnerability
Do not open a public issue for a vulnerability. Email security@multigrid.ai with reproduction steps, impact and affected versions. Do not include active credentials or unnecessary personal data.
