Selfware does not collect, transmit, or store any of your data outside your machine.
That's the entire policy. Here are the details:
- Does not send telemetry to any server
- Does not phone home for updates
- Does not collect usage statistics
- Does not track which files you edit
- Does not log your prompts to any cloud service
- Does not require an account or registration
- Does not include any third-party analytics or tracking
- All code analysis and generation
- All conversation history (
~/.selfware/sessions/) - All audit logs (
~/.selfware/audit/) - All memory and learned patterns (
~/.selfware/memory/) - All configuration (
~/.config/selfware/)
Selfware makes network requests ONLY to:
- Your configured LLM endpoint (e.g.,
http://localhost:8000/v1) — to send prompts and receive completions - MCP servers you explicitly configure — to connect to tool servers you choose to run
No other network requests are made. Ever.
In air-gapped mode, ALL network requests are disabled.
Session data can be encrypted at rest using AES-256-GCM with a key derived from your OS keychain (PBKDF2-HMAC-SHA256, 100,000 iterations).
- You can delete all Selfware data:
rm -rf ~/.selfware ~/.config/selfware - You can audit all network traffic: Selfware only connects to endpoints you configure
- You can read every line of code: MIT licensed, no proprietary blobs