Host · Trust & Security
What Protects the User
The more automation LVIS does, the more the question 'is this safe?' matters to the user. This page gathers, in one place, the safety limits LVIS has in place to protect the user.
Only source-verified packages are installed
Secrets live in the OS secure store
Risky actions always ask for user confirmation
Data stays only on your PC
Delegation consent is preserved as a chain
Internal-only plugins work only on the internal network
Audit log — every action, one line at a time
Every action LVIS performs automatically (tool calls, permission grants, mail sent, automation fired) is recorded as a single line in secure storage. Users can open this log anytime to check things like "how many times did LVIS touch my mail today?" or "who turned on this automation?"
- Split by date, one file per day — easy to search.
- No automatic cleanup by the host. Records are preserved as-is unless the user deletes them directly.
- Sandbox actions (running external code) are kept in a separate log and stored even more conservatively.
No workarounds
- 01
Revoked permission stops execution immediately
Once a granted permission is revoked by the user, any tool that needed it stops immediately on the next call, with no fallback, and asks the user to grant it again.
- 02
What's disallowed stays disallowed
Risky actions are never routed around under the name of a "plan B." A disallowed action stays disallowed — this prevents an action the user thought they'd consented to "a while back" from quietly happening again.
- 03
Only allowed sources are trusted
External domains, external tools, and external servers are trusted only when the user has explicitly registered them. There's no such thing as an allow-listed domain hardcoded into the code.
- Every action LVIS took today — the audit log.
- Currently active permissions / delegations / automations — the settings screen.
- The types of secrets each plugin holds — Settings → Plugins → Permission management.
- The time of the last automatic update and the version before it — Settings → App → Update status.