Security and privacy

ClaudeLink is built to disappear into your dev environment, not to become another service you have to trust. The design follows a few firm rules.

What stays on your machine

• No cloud, no servers. Every byte of state lives in ~/.claudelink/nexus.db on your computer.
• No telemetry, no analytics, no phone-home. Nothing is sent anywhere, so there is nothing to opt out of.
• No account, no signup, no API key. ClaudeLink does not talk to any external service. Your agents talk to their own model providers however they normally would; ClaudeLink is just the connective tissue between them.
• Loopback by default. The Command Center binds to 127.0.0.1:7878 and is not reachable from outside your machine.

How the keystroke path stays safe

The auto-nudge scheduler types into iTerm2 and tmux through their public AppleScript and send-keys APIs, the same way a shell script would. There are no accessibility shims, no kernel hooks, and no permission prompts. Because the keystroke is indistinguishable from you typing by hand, it routes through the agent's normal trusted-input path. ClaudeLink never forges tool calls or fabricates intent; the agent decides whether and how to reply.

This is also why ClaudeLink works with Claude Code, Codex, Gemini, and Goose without modification: the keystroke is a primitive every terminal handles the same way, and it respects rather than bypasses each client's own safety behavior.

Open source and auditable

ClaudeLink is MIT licensed. Every line of code is in the public repository, so you can read it, fork it, and run a custom build for your own compliance posture. If you have been hesitant to wire AI agents together because the usual frameworks want your context in their cloud, this is built for the opposite default: your code stays where it is.

For how the site itself handles data (it collects nothing), see the privacy policy.