Security

How we design Cloak so your audio, screenshots, and prompts stay on your machine — and what we do with the data that has to leave it.

Our security model in one sentence

Cloak is a desktop-first AI assistant. Capture, storage, and processing happen on your Mac. Network traffic is opt-in: it only leaves your device when you explicitly route a prompt to a cloud model provider you have configured.

What runs locally

  • Audio capture. System audio and microphone are captured by Cloak's native Rust pipeline and never written to a remote server.
  • Screenshots. Captured by the macOS ScreenCaptureKit framework and held in memory until you send a prompt.
  • Transcripts and history. Saved in a SQLite database in your local app data folder. Never synced.
  • API keys. Stored in the macOS Keychain when you use Bring-Your-Own-Key mode.

What goes to the network

Only the parts of a turn you choose to send. Specifically:

  • The prompt text and any attached transcript / screenshot, sent directly to the AI provider you have configured (OpenAI, Anthropic, Google, Groq, or our managed Cloak tier).
  • Speech-to-text audio, if you use a hosted STT engine (Whisper, ElevenLabs, Groq, Google Cloud STT). Local Whisper avoids this entirely.
  • An update check against the GitHub Releases API on launch.

Cloak does not send analytics on what you type, transcribe, or generate. Anonymous crash and usage signals (event counts only) are sent to PostHog and can be disabled in Settings.

Screenshot-proof overlay

The Cloak overlay window is an NSPanel whose sharingType is set to .none (the setSharingType: setter in Objective-C). macOS treats it as a non-capturable surface, so it does not appear in Zoom, Teams, Google Meet, Loom, OBS, QuickTime, or the system screenshot tool. This is enforced at the window-server level — not a CSS trick — and by design it cannot be disabled from the UI.

Code signing and notarization

Every release is built in GitHub Actions, signed with an Apple Developer ID certificate, and notarized by Apple before it reaches the download page. The DMG hash is published on the GitHub release page so you can verify what you installed.

Bring Your Own Key (BYOK)

BYOK mode keeps the trust boundary tight: your prompt goes from your machine directly to the provider's API using a key you control. Cloak never proxies BYOK traffic.

Managed Cloak tier

If you use the managed tier, your prompt is signed with a short-lived license token and routed through our Cloudflare Worker to the upstream model. We do not store prompt or response bodies. Request metadata (timestamp, model, token count) is retained for 30 days for billing and abuse detection, then deleted.

Reporting a vulnerability

If you find a security issue, please email hvsolanki27@gmail.com with a description and reproduction steps. We will acknowledge within 72 hours and aim to ship a fix in the next release window.

How to install Cloak

macOS · 4 quick steps

  1. Extract the ZIP

     Open Cloak.zip from your Downloads folder. Double-clicking it will extract automatically.

  2. Move to Applications

     Drag Cloak.app into your /Applications folder.

  3. macOS security check

     macOS may warn that it can't verify the developer. This is normal for unsigned indie apps — it's not malware. The dialog reads:

       "Cloak.app" can't be opened
       Apple cannot check it for malicious software.
       This item is on the disk image.

     If you see this, use the fix in Step 4 below — it removes the quarantine flag instantly.

  4. One-line fix (if blocked)

     Open Terminal (press ⌘ Space, type "Terminal"), paste this command and hit Return:

       $ xattr -cr /Applications/Cloak.app

     This removes the quarantine attribute macOS attaches to downloaded files. Cloak is open source — inspect it any time.

Need help? Open an issue on GitHub.