> Basic ideas are minimal privilege per task in a minimal and contained environment for everything and heavy control over all actions AI is performing.

The challenge is that no application on desktop is built around these privileges so there's no grant workflow.

Are you bytecode analysing the kernel syscalls an app makes before it runs? Or will it just panic-die when you deny one?

We're a zero trust cloud infra solution for power users.

It solves problems like prompt injection and secrets exposure. For host security you're right cloud is the only way to secure those heavily and one of the reasons we went that route with enclave attestation.

We offer a way for you to use AI agents without the AI provider ever able to see your sensitive information while still being able to use them in a minimized permission environment.

AI has a tough time leaking your credentials if it doesn't know them!