Security Model
Abdulrhman-io IDE is built from the ground up with a "local first, zero trust" philosophy.
Core Principles
- Local Execution by Default — All AI processing happens on your machine. Code never leaves unless you explicitly send it to a cloud model.
- Explicit Approval — Dangerous operations (rm -rf, production deploys, database migrations) always require human confirmation.
- Sandboxed Operations — File writes, terminal commands, and network access are controlled and auditable.
- Encrypted Secrets — API keys and credentials are encrypted at rest using OS keychain / encrypted storage.
Sandbox & Approval Gates
Every file modification and terminal command goes through the security layer. You can configure strictness levels per project.
Key Storage
API keys are stored using the operating system's secure storage (Windows Credential Manager, macOS Keychain, Linux Secret Service). They are only decrypted in memory when needed for a local model call.
Telemetry & Privacy
By default, zero telemetry is sent. You can opt-in to anonymous usage statistics. No code, prompts, or file contents are ever collected.