Your source code never leaves your machine: that's architecture, not a promise. The only connection Forage makes to Squrl is a startup license check; your code, graph, and conversation history stay entirely local to you.
The security model
The indexer, graph engine, and version control run 100% locally on your machine. Forage only reads your source files; they are never transmitted anywhere. The database lives at .forage/forage.db inside your project directory and never leaves it.
Both the web UI (localhost:9988) and the MCP server (localhost:9989) bind exclusively to 127.0.0.1. They are not reachable from the network, not even on a LAN, without explicit port forwarding that you control.
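One way to verify the loopback-only binding on a Linux host, as an added example that is not Forage's own code: parse the output of `ss -ltn` and flag any listener on the documented ports (9988 web UI, 9989 MCP server) whose local address is not loopback. The `ss` output below is constructed for the demonstration; `check_live_system()` runs the same check against the real host.

```python
"""Check that Forage's listeners are bound only to the loopback interface.

Added example (not Forage's own code). Parses `ss -ltn` text and reports
any Forage port bound to a non-loopback address.
"""
import subprocess

FORAGE_PORTS = {9988: "web UI", 9989: "MCP server"}  # ports documented on the page
LOOPBACK = {"127.0.0.1", "::1", "[::1]"}


def parse_listeners(ss_output: str) -> list[tuple[str, int]]:
    """Return (local_address, port) pairs for every LISTEN row of `ss -ltn`."""
    listeners = []
    for line in ss_output.splitlines()[1:]:  # first row is the column header
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        local = fields[3]
        addr, _, port = local.rpartition(":")  # handles 127.0.0.1:9988, [::1]:9989 and *:9988
        if addr == "*":
            addr = "0.0.0.0"  # wildcard bind: reachable on every interface
        listeners.append((addr, int(port)))
    return listeners


def exposed_forage_ports(ss_output: str) -> dict[int, str]:
    """Map each Forage port bound to a non-loopback address to that address."""
    findings = {}
    for addr, port in parse_listeners(ss_output):
        if port in FORAGE_PORTS and addr not in LOOPBACK:
            findings[port] = addr
    return findings


def check_live_system() -> dict[int, str]:
    """Run `ss -ltn` on this host and return any exposed Forage ports."""
    out = subprocess.run(["ss", "-ltn"], capture_output=True, text=True, check=True).stdout
    return exposed_forage_ports(out)


# Constructed sample: 9988 correctly on loopback, 9989 wrongly on all interfaces.
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port  Process
LISTEN  0       128     127.0.0.1:9988       0.0.0.0:*
LISTEN  0       128     0.0.0.0:9989         0.0.0.0:*
LISTEN  0       511     [::]:22              [::]:*
"""

if __name__ == "__main__":
    for port, addr in exposed_forage_ports(SAMPLE_SS_OUTPUT).items():
        print(f"{FORAGE_PORTS[port]} on port {port} is bound to {addr}, not 127.0.0.1")
```

An empty result from `check_live_system()` means both services are only reachable from the local host, which is the property the page relies on.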
The MCP HTTP/SSE server requires an X-API-Key header on every request. The key is
generated locally using 32 bytes of cryptographic randomness (CSPRNG) and stored only in
~/.forage/config.json on your machine. It is never transmitted to Squrl.
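The three properties a practitioner would check on the local API key are that it comes from a CSPRNG, that the config file is readable only by its owner, and that the header is compared in constant time. The following is an added example, not Forage's own code: it generates a 32-byte key with Python's `secrets` module, writes it with mode 0600, and verifies an `X-API-Key` header. The JSON field name `api_key` is an assumption; the page does not document the file's schema, and the demo writes to a temporary directory rather than your real `~/.forage/config.json`.

```python
"""Generate, store, and verify a local API key as the page describes.

Added example (not Forage's own code). The "api_key" JSON field name is an
assumption; the real config schema is not documented on the page.
"""
import hmac
import json
import os
import secrets
import tempfile
from pathlib import Path

KEY_BYTES = 32  # 32 bytes of CSPRNG output, as stated on the page
POSIX = os.name == "posix"


def generate_api_key() -> str:
    # OS CSPRNG via secrets; hex-encoded so the key is 64 printable characters
    return secrets.token_hex(KEY_BYTES)


def write_config(path: Path, api_key: str) -> None:
    """Create the file with mode 0600 from the start, so there is no window
    in which another local user could read a world-readable file."""
    path.parent.mkdir(parents=True, exist_ok=True)
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        json.dump({"api_key": api_key}, f)
    os.chmod(path, 0o600)  # also tighten a pre-existing file that was wider


def load_api_key(path: Path) -> str:
    with path.open() as f:
        return json.load(f)["api_key"]


def config_is_private(path: Path) -> bool:
    """True if no group/other permission bits are set on the config file."""
    return (path.stat().st_mode & 0o077) == 0


def authorize(headers: dict, expected_key: str) -> bool:
    """Accept a request only if X-API-Key matches. Header names are
    case-insensitive in HTTP, and the comparison is constant-time."""
    presented = next((v for k, v in headers.items() if k.lower() == "x-api-key"), None)
    if presented is None:
        return False
    return hmac.compare_digest(presented.encode(), expected_key.encode())


def demo_roundtrip() -> tuple:
    """Write a fresh key into a temporary directory and verify it.
    Returns (file_is_private, request_authorized)."""
    with tempfile.TemporaryDirectory() as d:
        path = Path(d) / "config.json"
        key = generate_api_key()
        write_config(path, key)
        return config_is_private(path), authorize({"x-api-key": key}, load_api_key(path))


if __name__ == "__main__":
    private, ok = demo_roundtrip()
    print(f"config private: {private}, request authorized: {ok}")
```

`hmac.compare_digest` matters here because a plain `==` on strings returns as soon as the first byte differs, which leaks timing information to a local process probing the key byte by byte.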
Forage contains no analytics, crash reporters, or usage tracking of any kind. On each startup, Forage contacts Squrl's licensing server to verify your token and certificate; that request contains only your license credentials, never your source code, graph data, or any content. No heartbeat. No update checks. No error beacons.
Data flow
Data handling
| Data Type | How It's Used | Leaves Your Machine? |
|---|---|---|
| Source code files | Indexed locally into the knowledge graph | Never |
| File names & paths | Stored in local DB | Never |
| Code symbols (functions, classes) | Graph nodes in local DB | Never |
| Graph context summaries | Sent to inference server (if configured) | Only to your chosen provider |
| Conversation history | Stored in local DB | Never |
| User annotations & tags | Stored in local DB | Never |
| License token & certificate | Verified with Squrl's licensing server on every startup | To Squrl only; no code or graph data |
| API key | Stored in ~/.forage/config.json | Never |
| Logs | Written to ~/.forage/forage.log | Never |
Inference server transparency
If you use a cloud-hosted inference provider, Forage sends the AI a compact graph context: file names, symbol names, relationship edges, and any user-added notes. It does not send your raw source file contents.
This is a deliberate design trade-off. The knowledge graph is a structural representation of your code, not the code itself.
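To make the "structure, not code" trade-off concrete, here is an added example that is not Forage's indexer: it uses Python's `ast` module on a constructed sample file to emit only file name, symbol names and call edges, then checks that no line of the source (including an embedded secret) survives in the serialized context, while a naive "send the raw file" context fails the same check. Forage's real graph schema is not documented on the page, so the node and edge shape here is an assumption.

```python
"""Build a compact structural context from a source file and show that it
carries no source text.

Added example, not Forage's own code. The {file, symbols, edges} shape is
an assumed schema for illustration only.
"""
import ast
import json
from typing import Optional

# Constructed sample "source file" for the demonstration (not real code).
SAMPLE_PATH = "app/billing.py"
SAMPLE_SOURCE = '''\
import hashlib

API_SECRET = "sk-live-example-do-not-ship"  # a value that must not reach a provider

class Invoice:
    def total(self):
        return sum(line.amount for line in self.lines)

def sign(invoice):
    digest = hashlib.sha256((API_SECRET + str(invoice.total())).encode())
    return digest.hexdigest()
'''


def _callee_name(func: ast.expr) -> Optional[str]:
    """Dotted name of a call target, e.g. hashlib.sha256; None if not a name."""
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        base = _callee_name(func.value)
        return f"{base}.{func.attr}" if base else func.attr
    return None


def build_context(path: str, source: str) -> dict:
    """Return names and relationships only; function bodies are never copied."""
    tree = ast.parse(source)
    symbols, edges = [], []
    for node in ast.walk(tree):
        if isinstance(node, (ast.FunctionDef, ast.ClassDef)):
            kind = "function" if isinstance(node, ast.FunctionDef) else "class"
            symbols.append({"name": node.name, "kind": kind, "line": node.lineno})
            # one "calls" edge per call expression inside this symbol
            for sub in ast.walk(node):
                if isinstance(sub, ast.Call):
                    callee = _callee_name(sub.func)
                    if callee:
                        edges.append({"from": node.name, "to": callee, "type": "calls"})
    return {"file": path, "symbols": symbols, "edges": edges}


def leaks_source(context: dict, source: str) -> list:
    """Non-trivial source lines that appear verbatim in the serialized context."""
    serialized = json.dumps(context)
    return [ln.strip() for ln in source.splitlines()
            if len(ln.strip()) > 12 and ln.strip() in serialized]


if __name__ == "__main__":
    ctx = build_context(SAMPLE_PATH, SAMPLE_SOURCE)
    print(json.dumps(ctx, indent=2))
    print("leaked lines from structural context:", leaks_source(ctx, SAMPLE_SOURCE))
    raw = {"file": SAMPLE_PATH, "content": SAMPLE_SOURCE}
    print("leaked lines from raw-file context:", len(leaks_source(raw, SAMPLE_SOURCE)))
```

Note that symbol names themselves are still data: a function called `rotate_stripe_keys` tells a provider something about your codebase even without its body, which is why the page frames this as a trade-off rather than as no exposure.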
For a completely air-gapped workflow, run Ollama on your own hardware and point Forage at http://localhost:11434. In this configuration, once the startup license check has completed, Forage makes no other outbound connections. No data leaves your machine.
FAQ
No. The indexer has no outbound network capability. All data written by Forage stays in .forage/ inside your project directory.
Yes, on startup. Forage contacts Squrl's licensing server to verify your license token and certificate each time it launches. Once running, no additional internet access is required โ unless you configure a cloud inference provider.
Only processes on the same machine that possess the API key. The server is bound to 127.0.0.1 and is not network-accessible.
.forage/ folder? They could read cached graph data: symbol names, file structure, and annotations. They could not access actual source files through Forage.
Not fully. Forage requires a connection to Squrl's licensing server on every launch to verify your license. Once running, no further internet access is needed when paired with a local Ollama instance. Contact us if your environment has strict outbound restrictions.
Squrl's licensing server receives your license token and certificate on each Forage startup to validate your subscription. It receives nothing about your source code, file structure, graph data, or usage. Your code and knowledge graph never leave your machine.
Responsible disclosure
Security contact
PGP fingerprint: 28E5 3D62 23BB B1FE C975 F01D D324 7507 59C6 7395
SLA: 72-hour acknowledgment · 90-day coordinated disclosure window · We do not pursue legal action against good-faith security research.