Security Model

1. Air-gapped by default

Aegis is designed for an on-device-first flow. Conversations, settings, and tool execution can stay entirely local when you use local or on-device models. Network egress is not required for local-only operation.

2. Explicit trust boundaries

Every model source and every tool is explicitly configurable. Tool calling can be turned on or off per source. Built-in tools are visible and auditable, and tool calls are rendered in the chat timeline.

3. Optional cloud delegation

Cloud model usage is opt-in. When enabled, Aegis can apply strict redaction rules before sending prompts off-device.

• Detect and remove configured sensitive patterns
• Drop or mask personally identifying fields
• Constrain outbound context to minimal required scope
• Disable cloud paths at any time per source

4. Diagnostics policy

Aegis does not automatically upload diagnostics. Debug sharing is manual and user-initiated. The app presents share/export actions explicitly so you can decide whether to send diagnostic payloads.

If you do not share diagnostics, they remain local to your device storage.

5. Configuration portability

Settings are exportable/importable as versioned JSON for reproducible deployments and audits. This includes models, tool definitions, and source-level capability toggles.