Local data and privacy
AI OS keeps the local operator boundary separate from its public surfaces.
Local inputs
Section titled “Local inputs”Depending on setup and installed tools, the local host can inspect bounded signals such as tool readiness, saved skills, memory sources, workspaces, session summaries, usage metadata, scheduler state, and extension output.
The browser receives validated projections designed for a product surface. It must not receive private account material, full machine paths, detailed local diagnostics, provider response bodies, or unreviewed generated files.
Local actions
Section titled “Local actions”Routes that can refresh data, run Dream, invoke an agent, or write local state remain local. Their implementation uses the controls appropriate to the route, including loopback and host checks, same-run tokens, schema validation, timeouts, safe errors, redaction, argument-only process launch, and confined paths.
These are local product routes, not a hosted public API.
Public surfaces
Section titled “Public surfaces”- The product site is static marketing content.
- The demo is a static reviewed snapshot.
- This documentation site publishes only curated pages from its own content directory.
None of these surfaces imports the repository’s internal maintenance tree or generated local data.