WebLLM

Security & Privacy

Privacy-first design. User-controlled permissions. Full transparency.

Core Principles

Per-Site Permissions
Like camera or geolocation access. Each website must request permission. Users can revoke anytime.
Full Transparency
Every request is logged. Users see exactly what data is sent and which provider processes it.
Local Processing Option
Users can choose local models for zero external data sharing. Models run in-browser via WebGPU.
No External Telemetry
All data is stored locally in IndexedDB. No tracking, no analytics, no WebLLM servers. Prompts only leave the device when you route a request to a cloud provider you have configured yourself.

Permission System

How it works:

• First request from a website triggers permission prompt

• User can allow, deny, or allow once

• Permissions are per-origin (like geolocation API)

• All permissions viewable and revocable in extension UI

Example Permission Flow:

1. User visits example.com

2. Site calls navigator.llm.generate(...)

3. Extension shows prompt: "Allow example.com to use AI?"

4. User grants permission

5. Request proceeds, permission saved
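The flow above, as an added example that is not WebLLM's own code: a minimal per-origin permission store that walks through steps 2 to 5. The decision names ("allow", "deny", "allow-once"), the in-memory Map standing in for IndexedDB, the log entry shape and the synchronous promptUser callback are assumptions made for illustration; a real extension would persist to IndexedDB and await an asynchronous prompt.

```javascript
// Added example, not WebLLM's own code: a per-origin permission store
// modelled on the documented flow. Decision names, the Map used in place
// of IndexedDB and the synchronous prompt callback are assumptions.

const DECISIONS = new Set(["allow", "deny", "allow-once"]);

// Key grants by origin (scheme + host + port), as the Geolocation API does:
// https://example.com/page-a and /page-b share one grant, while
// http://example.com and https://evil.example.com each need their own.
function originOf(url) {
  const origin = new URL(url).origin;
  // data:, blob: and similar URLs have an opaque ("null") origin; a grant
  // keyed on "null" would be shared by every such document, so refuse it.
  if (origin === "null") throw new Error(`refusing opaque origin for ${url}`);
  return origin;
}

class PermissionStore {
  constructor() {
    this.persisted = new Map(); // origin -> "allow" | "deny"; survives restarts
    this.log = [];              // every request, allowed or not, for the review UI
  }
  // "All permissions viewable and revocable in extension UI"
  revoke(url) { return this.persisted.delete(originOf(url)); }
  list() {
    return [...this.persisted].map(([origin, decision]) => ({ origin, decision }));
  }
}

// A site calls generate(); the extension consults the store, prompts only
// when no saved decision exists, records the outcome, and reports whether
// the request may proceed.
function authorize(store, url, promptUser) {
  const origin = originOf(url);
  let decision = store.persisted.get(origin);
  let prompted = false;
  if (decision === undefined) {
    prompted = true;
    decision = promptUser(origin); // e.g. "Allow example.com to use AI?"
    if (!DECISIONS.has(decision)) throw new Error(`unknown decision: ${decision}`);
    // "allow-once" is deliberately not saved: the next request prompts again.
    if (decision !== "allow-once") store.persisted.set(origin, decision);
  }
  const allowed = decision !== "deny";
  store.log.push({ origin, allowed, prompted, at: new Date().toISOString() });
  return { origin, allowed, prompted };
}
```

Note that a denied request is still logged: the review UI should show attempts as well as successes, and a saved "deny" stops the site from re-prompting on every call.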

Data Storage

What's stored locally:

Conversations

Request/response history with configurable retention (auto-delete after N days)

Provider Configs

API keys (encrypted), priorities, settings

Permissions

Which origins have been granted access

Usage Stats

Token counts and costs (kept for the user's own reference only)

All data stays on your device

WebLLM has no backend servers. Data is never sent to WebLLM infrastructure.

Privacy Controls

Data Retention Policy

Configure automatic deletion: Keep history for 7 days, 30 days, 90 days, or forever. Old conversations auto-delete.

Provider Selection

Choose different providers per site. Use local models for sensitive data, cloud APIs for general tasks.

Request Review

View full request history. See exactly what prompts were sent and which providers processed them.

Compliance Readiness

GDPR

User-controlled data processing, no external telemetry, data portability via export

HIPAA

Use local models for PHI: data never leaves the device and no cloud processing occurs

Audit-Ready

Complete request logs, open source codebase (MIT), no hidden endpoints

Open Source Security

MIT Licensed - Fully Auditable

• Full source code on GitHub

• No minification, no obfuscation

• Community security reviews

• Transparent development

• Forkable and self-hostable

Security Best Practices

For Developers

• Never request more permissions than needed

• Document what AI features do with user data

• Provide gateway fallback for 100% user coverage

• Use HTTPS for all production deployments
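The developer guidance above, as an added example that is not WebLLM's own code. The page shows only the call navigator.llm.generate(...); that it takes a prompt string, returns a Promise of text and rejects when permission is denied is assumed here, as are the gateway's request and response shape and the placeholder gateway URL.

```javascript
// Added example, not WebLLM's own code. The shape of navigator.llm.generate
// (prompt string in, Promise<string> out, rejection on denial), the gateway
// JSON contract and the placeholder URL are assumptions.

const GATEWAY_URL = "https://YOUR-GATEWAY.example/summarize"; // placeholder

// "Use HTTPS for all production deployments": refuse to send prompts to a
// plaintext gateway.
function assertHttps(url) {
  const u = new URL(url);
  if (u.protocol !== "https:") throw new Error(`gateway must use HTTPS, got ${u.protocol}`);
  return u.href;
}

// Feature-detect the extension API instead of assuming it is installed.
function hasExtensionLlm(nav = globalThis.navigator) {
  return Boolean(nav && nav.llm && typeof nav.llm.generate === "function");
}

// Call this from a user gesture (e.g. the click handler of a "Summarize"
// button), never on page load, so the permission prompt only appears when the
// user actually invokes the AI feature ("never request more than needed").
// If the extension is absent or the user denies access, the request goes to
// the site's own gateway ("gateway fallback"), so every user is still served.
async function summarize(text, {
  nav = globalThis.navigator,
  gatewayUrl = GATEWAY_URL,
  fetchImpl = globalThis.fetch,
} = {}) {
  if (hasExtensionLlm(nav)) {
    try {
      const out = await nav.llm.generate(`Summarize in one sentence:\n${text}`);
      return { source: "extension", text: out };
    } catch (err) {
      // Permission denied or revoked, or an extension error: fall back below.
    }
  }
  const url = assertHttps(gatewayUrl);
  const res = await fetchImpl(url, {
    method: "POST",
    headers: { "content-type": "application/json" },
    body: JSON.stringify({ text }),
  });
  if (!res.ok) throw new Error(`gateway responded ${res.status}`);
  const body = await res.json();
  return { source: "gateway", text: body.summary };
}
```

The returned source field lets the page tell the user which path handled their text, which is the kind of disclosure the "document what AI features do with user data" point asks for.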

For Users

• Review permissions regularly

• Use local models for sensitive data

• Set data retention policies

• Revoke access for unused sites