Trust

Security starts with local-first control and clear provider boundaries.

ExtraBrain keeps the live workflow on your Mac and can run AI locally on compatible hardware, but users should still treat provider credentials, screenshots, transcripts, audio, and release verification carefully.

Read privacy

Trust

Security practices

Local AI availability

Use on-device AI when compatible hardware is available and your workflow requires local model requests.

Provider keys

Use dedicated provider keys or accounts where possible for external providers, and rotate them after suspected exposure.

Release checks

Download from the first-party download page or official GitHub releases and review published digests when available.

Sensitive sessions

Avoid sending regulated, confidential, or policy-restricted content to external providers unless you have approval.

Trust

Security review checklist

Before install

Confirm the release source, asset name, version, checksum availability, and current release notes.

Before provider setup

Use scoped provider credentials where possible and document which external services can receive prompts, screenshots, transcript text, or audio.

Before team rollout

Map interview, workplace, privacy, and compliance expectations before recommending any live AI assistant workflow.

FAQ

Common questions.

Short answers for people and crawlers comparing ExtraBrain with other live AI assistants.

Is ExtraBrain secure by default?

ExtraBrain is local-first and can keep requests on-device with local transcription and on-device AI where hardware supports it, but security depends on setup, provider choices, credentials, and session content.

How should I handle provider keys?

Use provider credentials you control, store them only where the app expects them, and rotate or revoke keys after suspected exposure.

Where should I download ExtraBrain?

Use the first-party download page or the official GitHub Releases page, then review release notes and published digests when available.