Local-first
TableFuse reads and writes files on your local disk. No server stores your files, no database indexes your data, no network request transmits raw cell contents. Your disk → TableFuse has full read/write access. TableFuse → model provider sends column schemas, row counts, and aggregates only. Raw rows are never transmitted.
Encrypted key storage
Model API keys are stored in your OS keychain (macOS Keychain). Never written to plaintext config files, environment variables on disk, or application logs.
Data minimization
The agent sends only column names, data types, row counts, and computed aggregates to your model provider. Full row data is never sent. Every tool call is logged in the chat panel so you can verify exactly what was transmitted.
Source-available
Released under BSL 1.1. Read the codebase, audit the agent's tool definitions, and verify every claim on this page.
View source →Session isolation
Web preview files are held in server memory and deleted when the session ends. Sessions are isolated between users. All traffic runs over HTTPS with TLS 1.3.