Public trust posture

0dai Trust Center

Security, privacy, compliance posture, subprocessors, and vulnerability disclosure for the 0dai agentic knowledge layer.

Current release: v4.4.3

Core MCP tools: 49

Registered MCP tools: 113

Primary data model: Local-first

Compliance

Clear status, no borrowed badges

This page distinguishes implemented controls, dogfood enforcement, and planned compliance work. Certification claims appear only after evidence exists.

Source code boundary

Implemented

Repository source, env files, and API keys are not uploaded by the CLI.

Dirty-tree and protocol gates

Dogfood

Agent work is guarded by issue-first, tasklist, scope, and worktree hygiene checks.

SOC 2

In progress

Target H2-2026. Evidence collection and control mapping have started; canonical status line at /security#soc2. ISO 27001 is not claimed and no certification effort is in flight.

Cloud Knowledge Graph

Planned

The free graph is file-backed today. A paid Postgres/Supabase substrate is planned.

Security Controls

Controls that map to real agent risk

0dai focuses on the failures that hurt agentic development: secret exposure, repo pollution, unscoped delegation, stale memory, and unreviewed destructive actions.

Local-first source handling

Implemented

0dai builds context from manifest files, metadata, and generated ai/ artifacts without sending repository source code by default.

Activation and plan gates

Implemented

Cloud-facing features start from explicit activation and are constrained by the account plan.

Provider and BYOK boundary

Implemented

Model provider use is operator-controlled. Customer keys stay in local secret storage when BYOK is used.

Dirty worktree guard

Dogfood

Agents are expected to isolate task branches, detect unrelated changes, and keep mergeable work from piling up.

Protocol preflight

Dogfood

Non-trivial agent dispatch is checked for linked issue, tasklist, profile, scope, plan, and completion proof.

CI security checks

Soft-warning

The project runs targeted tests plus security-oriented scans such as secret and dependency checks. Some scans report findings as warnings while gating is hardened.

Audit trail

Dogfood

Operational decisions, memory rule access, and agent activity are recorded into append-only project logs.

Human-reviewed migrations

Implemented

Database migrations and destructive actions require explicit human review before execution.

Data Handling

Local by default, explicit when cloud is involved

The trust boundary is built around what the CLI needs for project intelligence versus what must remain on the operator machine.

File-backed graph

Secrets stay local

Audit-ready logs

What stays local

Source files, .env files, credentials, private keys, and raw repository contents stay on the operator machine unless explicitly shared outside 0dai.

What may sync

Account state, plan tier, CLI version, command outcome telemetry, generated manifest summaries, and support reports may be used for cloud features.

Current graph storage

The free product uses a file-backed local graph in the repository. It is designed for inspection and portability.

Planned cloud substrate

Paid shared knowledge graph capabilities are planned on a Postgres/Supabase-backed substrate, not shipped as a completed graph database today.

Subprocessors

Subprocessors and providers

High-level provider view. The canonical versioned list with per-entry purpose, data category, and processing region lives at /security#subprocessors and is what the DPA points to.

Provider: Anthropic, OpenAI, OpenRouter
Purpose: Model inference for agent runs (US-region)
Data: Prompt and tool I/O the operator routes to the selected provider; no source files or secrets

Provider: Google / GitHub
Purpose: OAuth sign-in where enabled
Data: Identity claims (email, name, avatar) and account linkage

Provider: Wallet Pay / TON rails
Purpose: Billing and checkout flows where available
Data: Payment session metadata

Provider: Umami (self-hosted)
Purpose: Product usage analytics, same host as 0dai.dev
Data: Aggregated web events; no cookies, no user IDs

Provider: DigitalOcean, Cloudflare
Purpose: Production hosting (DigitalOcean) and DNS/TLS/edge (Cloudflare)
Data: Operational logs, account metadata, and service telemetry

Vulnerability disclosure

Report suspected security issues to hello@0dai.dev. Include impact, reproduction steps, affected versions, and whether sensitive data was exposed.

In scope

CLI, website, dashboard, public API endpoints, generated ai/ layer, docs, and agent protocol guardrails.

Out of scope

Social engineering, destructive testing against customer repositories, spam, and high-volume rate-limit noise.

FAQ

Frequently asked trust questions

Short answers for security reviews, procurement, and teams deciding whether 0dai fits their repo boundaries.

Does my source code leave my machine?

Not by default. The public posture is local-first: source files, secrets, and env files are not uploaded by the CLI.

Are you SOC 2 or ISO 27001 certified?

SOC 2 is in progress with a target of H2-2026 — evidence collection and control mapping have started, but no SOC 2 report exists yet and we will not claim certification before one does. ISO 27001 is not claimed and no certification effort is in flight. The canonical status line lives at /security#soc2.

Is the cloud Knowledge Graph shipped?

No. The free graph is file-backed today. A paid cloud graph substrate is planned and will be documented separately before launch.

Can teams request a security review packet?

Yes. Email hello@0dai.dev and include the plan, data-flow questions, and procurement requirements you need answered.