Security

Built to be verifiable.

The shortest version: MingLLM holds your private data, so the security model exists to make sure that data only does what you asked. This page describes how.

Last updated · 2026

(01)

Threat model: what we're protecting against.

MingLLM holds a copy of your private working life — mail, calendar, browsing, code. The realistic threats are: (1) silent exfiltration to a server you didn't authorize, (2) a third-party tool MingLLM calls that does more than you intended, (3) someone with physical access to your unlocked laptop. The product is built around making each of those visible or impossible.

(02)

Sandbox: the runtime is contained.

MingLLM ships as a hardened-runtime, notarized macOS app. The model, your memory, and the action loop run inside the app sandbox. The app declares a minimal entitlement set; we deliberately avoid the broad ones (full disk access, accessibility) and use scoped grants per capability instead.

(03)

What touches the network: audited and named.

Two categories: (1) updates — the app checks for new versions and ships crash reports if you opt in; (2) tools you authorize — search, mail, third-party APIs. Every other request is denied at the runtime level. The receipts log enumerates everything that reached the network in the last 30 days; you can export it as JSON.

(04)

Permissions: scoped, revocable, never assumed.

Each capability is a discrete grant — read mail, write a file in this folder, call this API. Grants are revocable from one screen. There is no "approve everything" mode. New capabilities request consent the first time they're used, with the caller named.

(05)

Code signing + notarization: the binary is verifiable.

Builds are signed with our Developer ID (Team ID published below) and notarized with Apple. The Sparkle update channel verifies signatures before applying any update. Reproducible-build instructions for the published model and runtime live in /docs/security/reproduce.
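The claims in (02) and (05) can be checked locally with nothing but the macOS tools codesign and spctl. The script below is an added example written for this page, not MingLLM's own tooling. It assumes the app is installed at /Applications/MingLLM.app (a guessed path, overridable with the first argument), that the installed codesign accepts the `--xml` modifier for entitlement output (older releases used `--entitlements :-`), and it compares against the Team ID published in the signing identity block; the captured tool output it carries for offline self-checking is constructed, including the bundle identifier.

```shell
#!/bin/sh
# Added verification script (not MingLLM's tooling): checks that the installed
# app is validly signed by the expected Team ID, built with the hardened
# runtime, sandboxed, and accepted by Gatekeeper as notarized Developer ID.

EXPECTED_TEAM_ID="7Y4K2M9X3Q"               # from the signing identity block
APP_PATH="${1:-/Applications/MingLLM.app}"  # assumed install path

# --- parsers over tool output; they read stdin so they can be tested offline ---

# Extract the TeamIdentifier= value from `codesign -dv --verbose=4` output.
team_id_from_codesign() {
    sed -n 's/^TeamIdentifier=//p' | head -n 1
}

# Succeed if the CodeDirectory flags include the hardened-runtime flag.
has_hardened_runtime() {
    grep -q '^CodeDirectory .*flags=0x[0-9a-fA-F]*([^)]*runtime'
}

# Succeed if an entitlements plist sets com.apple.security.app-sandbox to true.
# Whitespace is stripped first so key and value can be matched as one token.
is_app_sandboxed() {
    tr -d '\n\t ' | grep -q '<key>com.apple.security.app-sandbox</key><true/>'
}

# Succeed if `spctl -a -vv -t exec` reports a notarized Developer ID source.
is_notarized() {
    grep -q 'source=Notarized Developer ID'
}

# --- live check against the installed app (macOS only) ---
verify_app() {
    app="$1"
    codesign --verify --deep --strict "$app" 2>/dev/null \
        || { echo "FAIL: signature missing or invalid"; return 1; }
    info="$(codesign -dv --verbose=4 "$app" 2>&1)"
    team="$(printf '%s\n' "$info" | team_id_from_codesign)"
    [ "$team" = "$EXPECTED_TEAM_ID" ] \
        || { echo "FAIL: Team ID '$team' != expected '$EXPECTED_TEAM_ID'"; return 1; }
    printf '%s\n' "$info" | has_hardened_runtime \
        || { echo "FAIL: hardened runtime flag not set"; return 1; }
    codesign -d --entitlements - --xml "$app" 2>/dev/null | is_app_sandboxed \
        || { echo "FAIL: app-sandbox entitlement not present"; return 1; }
    spctl -a -vv -t exec "$app" 2>&1 | is_notarized \
        || { echo "FAIL: Gatekeeper does not report a notarized Developer ID"; return 1; }
    echo "OK: $app is signed by $team, hardened, sandboxed and notarized"
}

# --- constructed sample captures (not real output from the product) ---
SAMPLE_CODESIGN='Executable=/Applications/MingLLM.app/Contents/MacOS/MingLLM
Identifier=com.example.mingllm
CodeDirectory v=20500 size=1234 flags=0x10000(runtime) hashes=30+7 location=embedded
Authority=Developer ID Application: MingLLM, Inc. (7Y4K2M9X3Q)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=7Y4K2M9X3Q'

SAMPLE_ENTITLEMENTS='<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
	<key>com.apple.security.app-sandbox</key>
	<true/>
	<key>com.apple.security.network.client</key>
	<true/>
</dict>
</plist>'

SAMPLE_SPCTL='/Applications/MingLLM.app: accepted
source=Notarized Developer ID
origin=Developer ID Application: MingLLM, Inc. (7Y4K2M9X3Q)'

# Exercise the parsers on the samples, including two cases that must be rejected.
self_check() {
    [ "$(printf '%s\n' "$SAMPLE_CODESIGN" | team_id_from_codesign)" = "$EXPECTED_TEAM_ID" ] || return 1
    printf '%s\n' "$SAMPLE_CODESIGN" | has_hardened_runtime || return 1
    printf '%s\n' "$SAMPLE_ENTITLEMENTS" | is_app_sandboxed || return 1
    printf '%s\n' "$SAMPLE_SPCTL" | is_notarized || return 1
    [ "$(printf 'TeamIdentifier=ZZZZZZZZZZ\n' | team_id_from_codesign)" != "$EXPECTED_TEAM_ID" ] || return 1
    printf '<dict><key>com.apple.security.app-sandbox</key><false/></dict>\n' | is_app_sandboxed && return 1
    return 0
}

# Run the live check only where codesign exists (i.e. on macOS).
if command -v codesign >/dev/null 2>&1; then
    verify_app "$APP_PATH"
fi
```

The parsers are separated from the live check so the matching logic can be exercised on captured text; on a Mac, `sh verify.sh /path/to/MingLLM.app` runs the real checks and exits non-zero on the first failed one. A Team ID match is the check that matters most: a validly signed and notarized binary from a different team would pass everything else.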

(06)

Reporting a vulnerability: we read every report.

If you find a security issue, email security@mingllm.com with details and a proof of concept. We aim to acknowledge within 48 hours and publish a fixed build (or mitigation) within 14 days for critical issues. Bounty: case-by-case while we're pre-revenue, real once we're not. Please don't disclose publicly until we've shipped a fix.

Signing identity
Developer ID: MingLLM, Inc.
Team ID: 7Y4K2M9X3Q
Notarization: Apple notary v2 · enabled
Update channel: Sparkle 2 · DSA-signed