Local-first

Your agent memory should belong to you.

Link has no hosted backend, no telemetry, no external API calls, and no cloud account requirement. The safety model is local files, explicit writes, and inspectable provenance.

Privacy Model

  • No telemetry.
  • No hosted backend.
  • No external API calls from serve.py or link-mcp.
  • Raw sources and generated wiki pages are ignored by git by default.
  • SQLite search, when available, is an in-memory derived index. Markdown remains the source of truth.

Secret Handling

Link scans raw sources, captures, release files, and public artifacts for secret-looking values. It detects common API keys and token formats, warns without logging secret values, and refuses normal ingest guidance when raw safety cannot be established.

link ingest-status
link capture-inbox
link redact-capture raw/memory-captures/<capture>.md
python3 scripts/check_release_hygiene.py
Rule Redact or remove secret-looking values locally before asking an agent to ingest a file. Link is not a secret manager.

HTTP Boundary

The local viewer binds to 127.0.0.1, rejects unexpected host/bind flags and unexpected Host headers, and has no authentication. Do not expose it to the internet without adding an auth layer.

HTTP write actions require X-Link-Local-Action: true. Responses include X-Link-API-Version. Proposal analysis does not write pages.

Backups

link backup and MCP backup_wiki write local .link-backups/ archives. Raw sources are excluded unless explicitly requested.

link backup
link backup --include-raw
link doctor --fix

Run a backup before broad repair work or large generated changes.

Before Sharing A Repo Or Wiki

python3 link.py doctor
python3 link.py validate
python3 scripts/check_release_hygiene.py
git diff --check

Use git push, git archive, or clean build artifacts for public sharing. Do not zip a whole working directory; ignored local files, .git/, caches, raw sources, and build outputs can be included by accident.

See SECURITY.md for vulnerability reporting.