Security

Trust through transparency.
Security through architecture.

Most AI products ask you to trust their cloud. Prometheus asks you to trust your own machine. The system runs locally, logs everything, and gives you complete control over what it can access.

Permissions Model

Every tool in Prometheus requires explicit capability grants. Browser access, file operations, desktop control — nothing activates without your configuration. You define the boundary; the system respects it.

Account Isolation

Each session operates in its own context boundary. Cron jobs run in isolated sessions. Team agents get scoped tool access. Background tasks don't leak state across boundaries.

Privacy by Architecture

Prometheus runs as a local gateway on your machine. Your conversations, files, memory, and task history never touch our servers. There is no cloud relay. There is no telemetry pipeline. Your data is yours.

Local-First Control

You own the runtime. Prometheus runs on your hardware, uses your API keys, connects to your accounts. If you shut it down, it stops. If you delete the data directory, it's gone. No residual cloud state.

Responsible Execution

Prometheus is designed for legitimate automation. Tool blocklists prevent subagents from accessing sensitive operations without explicit grants. The system respects website terms and rate limits by default.

Audit Trail

Every action Prometheus takes is logged — tool calls, parameters, results, timestamps. The audit log is a local JSONL file you can inspect, search, or pipe into your own monitoring. Nothing happens in the dark.

What we don't do

We don't store your conversations on our servers
We don't train models on your data
We don't sell usage analytics to third parties
We don't require cloud connectivity for core features
We don't hide tool execution behind opaque abstractions
We don't run tools without logging the action

Your machine. Your data. Your rules.

Prometheus was built for people who take their privacy seriously. See the full system.

Get Started