Trust & security
AgentOp is built so that the most sensitive things — your prompts, your API keys, and your agent's code — never have to reach our servers. Here is exactly how that works, in plain terms.
What our servers never see
When you run an agent with a local model, the prompt and its output stay in your browser tab — there is no server for them to reach. When you use your own OpenAI or Anthropic key, the browser talks to that provider directly; your key is never sent to, or stored on, AgentOp.
Your API keys are encrypted in your browser
If you save a provider key, it is encrypted client-side with the Web Crypto API before it is ever written to storage: AES-256-GCM with a key derived via PBKDF2 (600,000 iterations, SHA-256) — the current OWASP recommendation. The encrypted blob lives in your browser's same-origin storage; AgentOp only ever sees ciphertext it cannot read.
Agent code is generated on demand, never stored
The standalone HTML file for an agent is generated fresh each time you download it and is never written to disk on our servers. There is no folder of generated agents to leak — the artifact only exists in the response stream to your browser.
Local models run fully offline
Local agents use wllama (llama.cpp compiled to WebAssembly) and run entirely on your device — on your GPU via WebGPU, which needs a WebGPU-capable browser and a graphics card (or an Apple Silicon Mac). After the one-time model download (~0.5–7.5 GB depending on the model, cached for reuse), a downloaded agent works with no network at all.
The one place we do run inference — and what it logs
The optional sponsored AI generator (one free agent generation per day, on our key) is the single feature where a request runs on our server. For that path only, we keep an audit row so we can prevent abuse and watch cost: a timestamp, your account, the client IP, the model used, token counts and an estimated cost, and a success/error code. We do not use it to profile you, and it does not apply to bring-your-own-key or local agents.
Who processes data on our behalf
- Hosting & database — DigitalOcean (App Platform + Managed PostgreSQL)
- Transactional email — Amazon SES (verification, password reset, notifications)
- OpenAI — only for the sponsored free-tier generator, on our key
Your own provider keys are never in this list — those calls go browser-to-provider.
More questions? See the FAQ or our privacy page.