Neurix is designed with privacy as a core principle:
- All inference runs on-device — no data is sent to external servers
- No accounts or authentication — nothing to compromise
- No telemetry or analytics — no tracking of any kind
- Conversations stored locally — encrypted at rest by the OS file system
- Models downloaded over HTTPS — from HuggingFace's CDN
| Version | Supported |
|---|---|
| 0.1.x | Yes |
If you discover a security vulnerability, please report it responsibly:
- Do not open a public issue
- Email the maintainer or open a private security advisory on GitHub
- Include steps to reproduce the vulnerability
- Allow reasonable time for a fix before public disclosure
We take security seriously and will respond as quickly as possible.
The following are in scope:
- Vulnerabilities in the Neurix application code (Rust backend, React frontend)
- Issues with how models or conversations are stored on disk
- Network security issues in the model download pipeline
- Tauri permission/capability misconfigurations
The following are out of scope:
- Vulnerabilities in third-party models themselves
- Issues in upstream dependencies (report those to the respective projects)
- Social engineering attacks