Security Model
Omnodex is a security tool, so its own security posture matters. This page describes the threat model, trust boundaries, and design decisions that keep your data safe.
Threat Model
Section titled “Threat Model”Omnodex operates in a sensitive position: it sees everything your AI agent does. The security model is designed around the principle that this data should be under your control at all times.
Trust Boundaries
Section titled “Trust Boundaries”| Boundary | Who Controls It |
|---|---|
| Event capture | Runs locally on your machine |
| Event storage | Written to your local filesystem |
| Analysis (free tier) | Runs locally on your machine |
| Cloud sync (hosted tier) | Encrypted on your machine before upload |
| Cloud storage | Encrypted blob - we cannot read it |
What We Never See (Hosted/Cloud Tiers)
Section titled “What We Never See (Hosted/Cloud Tiers)”Even when you use cloud features:
- We never see your raw event data
- We never see your credentials or API keys
- We never see the content of tool calls or responses
- We never hold your encryption key
Local-First Architecture
Section titled “Local-First Architecture”The free tier is entirely local. Nothing leaves your machine:
- Events are written to a local file
- Analysis runs locally
- The dashboard is a local web server
- No network calls are made by Omnodex itself
Passive Observer Design
Section titled “Passive Observer Design”Omnodex is architecturally incapable of modifying agent behavior:
- Hooks are read-only observers
- The interceptor interface has no write path back to the agent
- Events are captured after execution, not before
- There is no mechanism to block, modify, or inject tool calls
This is a deliberate design choice. A security tool that can modify agent behavior introduces a new attack surface. Omnodex avoids this entirely.
Supply Chain Considerations
Section titled “Supply Chain Considerations”The Omnodex core (all interceptors, event log, rule engine, CLI, and local dashboard) is open source under the AGPL-3.0. You can:
- Inspect every line of the local pipeline’s code
- Verify what the hook actually sends
- Audit the event schema for unexpected fields
- Build from source to eliminate supply chain risk
Cloud components (hosted dashboard infrastructure, advanced rule distribution, threat intelligence) are proprietary and available on paid tiers. The local pipeline never depends on cloud components - it is a complete, self-contained product.
Next Steps
Section titled “Next Steps”- Data Handling - How event data is stored and retained
- Encryption - Details on the zero-knowledge encryption system
- Vulnerability Reporting - How to report security issues