Security
Security
Your files. Your machine. Your control.
Bridge is an AI agent that works on your files — locally, safely, and transparently. This page explains how we protect your data and give you full control over what AI can and cannot do.
Your data stays on your machine
Bridge runs on your Mac. Your files never leave your computer for processing.
When an AI agent works on a task, it runs inside a secure, isolated environment on your machine — not on our servers, not in the cloud. Only the files relevant to your task are made accessible to the agent, and even then, they're mounted as read-only.
This is fundamentally different from cloud-based AI tools that upload your files to remote servers. With Bridge, your data stays with you.
AI cannot change your files without your permission
Bridge uses a "sandbox" — a separate, isolated workspace where the AI agent does its work. Here's what that means for you:
- Your files are protected. The agent can read the files it needs, but all changes happen in a temporary copy. Your original files are never modified directly.
- You review everything. When the agent finishes, Bridge shows you exactly what changed — a clear before/after diff. You choose to accept or reject each change.
- Nothing is permanent until you say so. If you reject the changes, nothing happens. Your files stay exactly as they were.
Think of it like track changes in a document — except the AI can't turn off "track changes" or bypass your review.
Your data is never used to train AI
We want to be clear about this:
- Your files are never used to train AI models. Not by us, not by our AI providers.
- Your conversations and prompts are not used for training. What you say to Bridge stays between you and the agent.
- We do not sell or share your personal data with third parties for advertising or any other purpose.
- We do not access your files unless you explicitly ask us to (e.g., for support).
When AI needs to think, some data leaves your machine
Let's be transparent about how AI processing works.
When an AI agent reasons about your task — understanding your request, analyzing your files, generating a response — Bridge sends relevant context to the AI model provider (such as OpenAI or Anthropic) via encrypted connections. This is how the AI "thinks" about your task.
What we do to protect you:
- Only the minimum context needed for the current task is sent — not your entire file system
- All transmissions are encrypted (TLS 1.3)
- AI providers are contractually prohibited from storing your data or using it for training
- We do not store the prompts or AI responses on our servers
- You are always in control of which files the agent can access
We believe in being honest about this. "Local-first" means your files stay on your machine for storage and execution. But when AI needs to reason, relevant context is sent securely and ephemerally to generate a response.
How the sandbox works
For those who want to understand the technical details:
Bridge creates a lightweight virtual machine (VM) on your Mac using Apple's built-in virtualization technology. This VM is a completely separate computing environment — like a computer within your computer.
- Isolated execution — Agent code, commands, and file operations run inside the VM, separated from your macOS system. A misbehaving agent cannot affect your host system.
- Read-only file access — Your files are shared with the VM in read-only mode. Changes accumulate in a temporary layer that gets discarded when you reject or the session ends.
- Controlled networking — The VM does not share your network connection directly. Its internet access is mediated through a user-space network layer, so it cannot scan your local network or access other devices.
- Ephemeral sessions — Each agent session starts clean and is destroyed when complete. No residual data lingers between sessions.
Permissions are always explicit
Bridge never silently takes control. Every sensitive capability requires your approval:
| Permission | What it does | When it's used |
|---|---|---|
| Sandbox access | Lets the agent work on files in the isolated VM | Every agent task (default) |
| Host access | Lets the agent interact with your actual system (e.g., open an app) | Only when a task requires it — you're always asked first |
| Screen understanding | Lets the agent see your screen to help with visual tasks | Only when you enable Computer Use — requires separate approval |
| Microphone | For voice commands and meeting features | Only when you use voice features |
| Calendar | To help with scheduling-related tasks | Only when you connect your calendar |
- Permissions are per-session — they reset when the session ends.
- Agents cannot escalate their own permissions — they can't grant themselves access you haven't approved.
- You can deny any permission at any time.
How we protect your account
- No passwords — Bridge uses passwordless authentication. You sign in with your email and a verification code. No passwords to steal or leak.
- Secure token storage — Your session is stored in the macOS Keychain, protected by Apple's security infrastructure.
- Third-party connections — When you connect services like Slack, GitHub, or Google, Bridge uses standard OAuth with scoped permissions. You can revoke access at any time. Agents never see your raw login credentials.
Telemetry and analytics
Bridge collects basic, anonymized usage data to help us improve the product — things like feature usage patterns, performance metrics, and crash reports.
What telemetry does not include:
- Your file contents
- Your prompts or conversations
- Your personal information
- Any content from your connected services
All telemetry is transmitted over encrypted connections. We are working on providing an opt-out option for users who prefer to disable telemetry entirely.
Vulnerability reporting
If you discover a security vulnerability in Bridge, please let us know:
Email: security@bridge.surf
We acknowledge reports within 48 hours and provide an initial assessment within 5 business days. We work with reporters to resolve issues before public disclosure.
Compliance
- GDPR / UK GDPR — Our Privacy Policy addresses EU and UK data protection requirements.
- CCPA / CPRA — California-specific disclosures are included in our Privacy Policy.
For details, see our Privacy Policy.
Questions?
For security questions, contact us at security@bridge.surf.
For privacy inquiries, email privacy@bridge.surf or see our Privacy Policy.