Your data never leaves your machine.
Glyphsix is local-first by design. No cloud required, no data transmitted, no telemetry collected.
Local-first architecture
Everything runs on your machine. No data leaves your network. The CLI makes zero network requests — no telemetry, no analytics, no phone-home behavior. Your project files stay exactly where they are.
Air-gap compatible
Works fully offline. No license server, no activation, no cloud dependency. Install from PyPI once (or from a local wheel), and run forever without network access. Designed for environments where connectivity isn't an option.
What we access
Glyphsix reads the project files you point it at. It writes nothing to disk unless you explicitly run patch or deploy. No temporary files, no caches, no side effects. The tool is a pure reader by default.
Open source
The CLI is open source. You can audit every line of code, verify what it does, and build from source. We believe trust is earned through transparency, not promises.
View on GitHub →Glyphsix Cloud
The optional cloud platform encrypts files at rest (Cloudflare R2) and in transit (TLS). Authentication via Clerk (OAuth 2.0 / SAML SSO). Role-based access control with 43 granular permissions. File access uses presigned URLs with 15-minute TTL — no permanent public links. Every action is logged with user attribution for full audit trail. The cloud is additive — the CLI remains fully local and independent.
Responsible disclosure
Found a security issue? We take it seriously. Email us at security@glyphsix.io and we'll respond promptly.