Security/privacy audit note

[coreyone]

Quick audit: biggest risks are 1) the Cloudflare worker is an open public proxy for paid APIs, 2) raw user transcripts + AI replies are sent to PostHog, and 3) one fallback path ships an OpenAI key in the app bundle. Main issue isn’t code quality, it’s security/privacy boundaries.

[coreyone]

Really cool project, and I mean this in a friendly heads-up way, not a drive-by dunk.

A bit more detail on why I called these out:

• The Worker is doing the right job in principle by keeping secrets out of the binary, but without any auth or rate limiting on the Worker itself, anyone who gets the workers.dev URL can proxy requests through your Anthropic, ElevenLabs, and AssemblyAI accounts.
• The PostHog events currently look like they can include full user transcripts and full AI responses. Since the app also looks at screenshots, that creates a decent chance of collecting sensitive user or work content in analytics.
• The OpenAI transcription fallback appears to rely on an API key embedded in the app bundle, which weakens the otherwise solid keys-stay-server-side architecture.

The good news is these feel fixable without rethinking the product:

1. Add a thin auth layer or signed request scheme in front of the Worker.
2. Redact analytics down to counts, success/failure, and timing instead of raw content.
3. Route any fallback model calls through the Worker too, so the client never ships reusable API keys.

Hope that’s helpful. The app idea is genuinely strong. This is mostly about tightening the security and privacy boundary around something people may end up trusting a lot.