Security

RunTrim is designed to keep source code local and to synchronize metadata only, and only when cloud sync is enabled.

Last updated: 2026-04

Security model

RunTrim is built with a local-first model that minimizes remote data exposure in V1.

The CLI reads local RunTrim metadata and git file paths to support guardrails and run continuity.

Local-first design

RunTrim Free operates locally in your repository using .runtrim artifacts.

Source code is not uploaded by default in V1.

Cloud sync boundaries

Cloud sync is designed to store metadata only, including run status, generated prompts, changed file paths, memory summaries, timestamps, and estimate metrics.

Cloud sync does not intentionally include raw source contents in V1.

Secrets and env files

RunTrim does not intentionally upload .env files, secrets, or raw file contents in V1.

Users are responsible for local repository hygiene and secure environment management.

Service role handling

Supabase service role keys are used server-side only for trusted backend operations.

Service credentials are not exposed to client components.

Reporting security issues

Report security issues to hello@runtrim.com with details needed to reproduce and assess impact.

Contact

Security and trust questions can be sent to hello@runtrim.com.