Local-First AI - Privacy Without Compromise

What Local-First Actually Means

Local-first isn't just about running code on your machine. It's a philosophy about data ownership. When you use Kollabor, every conversation, every transcription, every setting lives on your device. Not backed up to our servers. Not used for training. Not seen by anyone but you.

This isn't privacy theater. It's architectural. Both kollabor-cli and kollabor-app store all data in ~/.kollabor/ and ~/.kollabor-cli/. Your conversations are JSONL files on disk. Your transcriptions are audio files you control. Your API keys are stored locally and never leave your machine.

How Kollabor Stores Your Data

Let's be concrete. In kollabor-cli, every session creates a new JSONL file in ~/.kollabor-cli/projects/<encoded-path>/conversations/. Each line is a complete record with timestamps, context, git branch, and message content. This is your data—you can read it, delete it, back it up, or move it. No proprietary formats, no lock-in.

The conversation logger (conversation_logger.py) doesn't just store messages. It builds intelligence locally: user patterns, project context, solution history. All of this lives in the memory/ subdirectory. The system learns from you, but that learning never leaves your machine.

kollabor-app follows the same pattern. Chats, notes, recordings—all in ~/.kollabor/. Transcription history is a JSON file you can edit directly. Audio files are stored locally with path traversal protection baked into the Rust backend.

Local Whisper vs Cloud Transcription

Speech-to-text is where most AI products compromise. They send your audio to a server, process it, and maybe delete it later. We use Whisper, but we run it locally.

kollabor-app bundles whisper-rs—the Rust bindings to whisper.cpp. Models download from Hugging Face to ~/.kollabor/whisper-models/ and run entirely on your machine. Tiny, Base, Small, Medium, Large—you choose the tradeoff between speed and accuracy. No audio ever leaves your device.

The transcription commands in commands/transcription.rs show this clearly. Audio buffers are processed in-memory using transcribe_audio_auto(), which handles WAV, WebM/Opus, and raw PCM. File reads are restricted to the recordings directory with canonical path verification. Even error messages stay local.

This isn't just about privacy. Local Whisper means you can transcribe without internet. It means no API costs. It means consistent latency regardless of server load. Privacy and performance, not a tradeoff.

The Permission System

AI assistants that can execute commands need safeguards. Most products implement them server-side with rate limits and content filters. We do it locally with an extensible permission system.

The permission manager in kollabor-cli (core/llm/permissions/manager.py) implements four approval modes: CONFIRM_ALL, DEFAULT, AUTO_APPROVE_EDITS, and TRUST_ALL. Each tool execution is assessed for risk level—LOW, MEDIUM, HIGH, or UNKNOWN—using pattern matching on commands and tool types.

Risk patterns are configurable: high-risk commands like rm -rf, sudo, curl | sh trigger confirmations. Medium-risk patterns include system modifications. Trusted tools bypass prompts. Approvals can be scoped to session, project, or forever—stored in permission_approvals.json in your project directory.

Chained commands (using &&, ||, or ;) are blocked from wildcard approval for security. Gitignored files can't be read with broad file_read:* patterns. The system protects you even when you try to trust it.

kollabor-app has a similar security layer in tool_runner.rs. Tool execution loops run in Rust with the same risk assessment philosophy. The difference is user experience—CLI has inline prompts, the app has modal confirmations—but the security model is identical.

Bring Your Own Key (BYOK)

Kollabor doesn't sell you AI access. You bring your own API key from OpenAI, Anthropic, OpenRouter, or any OpenAI-compatible provider. Your key is stored in local config and sent directly to the API endpoint. We never see it, we never bill you, we never intermediate.

In kollabor-cli, profiles in config.json let you switch providers and models. The API communication service (api_communication_service.py) handles requests with rate limiting and retry logic, but it's a direct client-to-API connection. No proxy, no middleman.

kollabor-app extends this with multi-provider support. Anthropic's native Messages API, OpenAI's function calling, even XML-mode tool parsing—all through your own keys. The LLM profile system in settings.rs stores providers, base URLs, and model names. Your keys, your choice, your cost.

No Telemetry, Ever

We don't track you. No analytics scripts, no usage metrics, no phone home. The logging system is entirely local—daily rotation in logs/kollabor.log for debugging. No unique identifiers, no request IDs sent to us.

Search the codebase for "telemetry" or "analytics" and you'll find documentation, but no implementation. We don't use Plausible or Google Analytics in the CLI or app. We don't collect error reports. We don't even know how many users we have.

This is by design. Privacy isn't a setting you toggle—it's the foundation. If we wanted to add telemetry, we'd have to write the code from scratch. It's easier to keep it that way.

MIT License as Privacy Guarantee

Both kollabor-cli and kollabor-app are MIT-licensed. You can verify everything we've said. Read the conversation logger code—see that it writes to conversations/. Check the transcription code—confirm audio stays local. Audit the permission system—verify there's no backdoor.

MIT isn't just a license. It's a guarantee. If we change direction, if we disappear, if we violate your trust—you can fork the code. Your local-first AI assistant continues working. No service to shut down, no API to deprecate, no data to migrate.

Compare this to closed-source AI tools. When they shut down, your data goes with them. When they change their privacy policy, you have no recourse. With Kollabor, the code is yours. The architecture is transparent. You control your AI workflow.

What's Next

Local-first doesn't mean isolated. We're building features that work with your local data: semantic search across conversations, RAG on your codebase, persistent memory across projects. But all of it runs locally. Your embeddings, your vector database, your queries.

The future of AI shouldn't be more surveillance. It should be more capability with more privacy. Kollabor is our attempt to build that future—one local file, one permission prompt, one offline transcription at a time.

Try kollabor-cli for your terminal workflows or kollabor-app for voice-to-text transcription. Your data stays yours. That's not a feature—it's the foundation.