MDFlux is a local-first desktop app: the user owns the machine, the files, the API key, and the
clicks. The webview renders only the app's own UI and Markdown the user converted from their own
documents (sanitised through marked + DOMPurify). Our threat model therefore focuses on
upstream/integrity issues a user cannot protect themselves against, not on local-access
scenarios that are inherent to any desktop tool.
Please report suspected vulnerabilities privately to muhammadibrahim.ger@gmail.com rather than opening a public issue. Include steps to reproduce and the affected version. We aim to acknowledge within a few days.
Python dependencies are version-pinned and integrity-verified during the one-time setup on first launch. If a downloaded package doesn't match its expected hash, setup stops rather than running unverified code.
- OCR: models ship inside the pinned, integrity-verified OCR package — no separate download.
- Audio (faster-whisper): model weights download from the official Systran HuggingFace repositories on first use of the opt-in audio engine. These are trusted at download time and not yet revision-pinned; pinned verification is planned. If you require a fully verified supply chain, avoid the audio engine for now.
These are standard for a local app where the user controls the environment, and are not treated as vulnerabilities (they would be reopened for any hosted/cloud variant):
- The user's own API key stored in the app's
config.jsonon the user's own disk. - The app reading/writing files the user themselves selected or that the app wrote.
- Document content reaching the optional, opt-in AI cleanup (no tool/function calling, so no exfiltration channel; a data-loss guardrail flags content mangling).