SelfAgent runs on your own device or server. There is no central SelfAgent cloud holding your data. Your conversations, files, and credentials stay on your machine.
API keys and tokens are stored locally; secret credentials are encrypted at rest (vault) where supported and are never displayed back in full or transmitted to the SelfAgent project. Each install uses only the keys you enter.
Sensitive actions (sending messages, deleting data, running shell commands, spending money, etc.) are gated and require your approval, helping prevent unintended autonomous actions.
Desktop builds are currently unsigned, so Windows SmartScreen / macOS Gatekeeper may warn on first run. This is expected for a free, independent project — verify you downloaded from the official source before running.
Found a security issue? Please report it responsibly through the project's GitHub (security advisory or a private issue) linked from About. Do not disclose publicly until it is addressed.
Security is a shared responsibility and the Software is provided "as is" with no warranty. See the Terms.