← Back to Slate

Trust / Current model

Control is visible.

Permission modes

New code conversations default to Ask. File writes and shell commands require approval. Edits allows file writes inside the selected project while shell commands still ask. Auto skips confirmations and is an explicit high-trust choice.

Workspace scope

File tools canonicalize paths and reject paths outside the selected project, including symlink escapes. The shell starts in that project, but a shell can access resources outside it and can use the network. Do not use Auto with an untrusted prompt or model.

Local and cloud paths

Ordinary local inference, memory, speech and image generation do not intentionally upload user content. Optional cloud engines send relevant task context to the configured provider. Model downloads contact their host.

Distribution

Public builds are Developer ID signed, notarized and stapled before distribution. Slate does not offer an unsigned download.

Reporting a vulnerability

Report security issues to info@lange-co-consulting.de with the subject “Slate security report”. Please do not include secrets or personal data unless a secure channel has been agreed. We aim to acknowledge reports within a few business days.