Security

Last updated May 18, 2026

Keeping your engineering data and code secure is core to how we build Design IQ. This page outlines our approach.

For security questions, email lex@designiq.app. To request the full IT/security review document or schedule a pre-deployment call, see Full security review document below.

Workspace files stay on your machine

Design IQ reads and writes files only inside the folder you pick as your workspace, plus a small set of app-private directories under ~/.designiq/ for chat history and workflow state. Every file operation is gated by a path-resolution check that follows symlinks and verifies the resolved target stays inside the allowed root.
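The kind of path-resolution check described above, sketched for Node.js as an added example. It is not Design IQ's code; `resolveInsideRoot`, `lexists`, `demo` and the temporary directory layout are hypothetical names constructed for illustration.

```javascript
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

// lstat does not follow the final component, so a dangling symlink still "exists".
function lexists(p) {
  try { fs.lstatSync(p); return true; } catch { return false; }
}

// Resolve `requested` through every symlink; return the real path only if it
// stays inside the real workspace root, otherwise throw (fail closed).
function resolveInsideRoot(root, requested) {
  const realRoot = fs.realpathSync(root);
  let existing = path.resolve(realRoot, requested); // also collapses ".." segments
  const tail = [];
  // A file about to be created has no real path yet: climb to the deepest
  // entry that exists, resolve that, then re-append the missing components.
  while (!lexists(existing)) {
    tail.unshift(path.basename(existing));
    existing = path.dirname(existing);
  }
  const real = path.join(fs.realpathSync(existing), ...tail); // throws on dangling link
  const rel = path.relative(realRoot, real);
  if (rel === '..' || rel.startsWith('..' + path.sep) || path.isAbsolute(rel)) {
    throw new Error(`outside workspace: ${requested}`);
  }
  return real;
}

// Constructed sample layout: a workspace, a sibling directory, and a symlink
// inside the workspace that points at the sibling.
function demo() {
  const base = fs.mkdtempSync(path.join(os.tmpdir(), 'ws-demo-'));
  const root = path.join(base, 'workspace');
  const outside = path.join(base, 'outside');
  fs.mkdirSync(root);
  fs.mkdirSync(outside);
  fs.writeFileSync(path.join(root, 'part.txt'), 'ok');
  fs.writeFileSync(path.join(outside, 'secret.txt'), 'no');
  fs.symlinkSync(outside, path.join(root, 'link'), 'dir');
  const verdict = (p) => {
    try { resolveInsideRoot(root, p); return 'allow'; } catch { return 'deny'; }
  };
  const cases = ['part.txt', 'sub/new.txt', '../outside/secret.txt',
                 'link/secret.txt', 'link/new.txt'];
  const out = Object.fromEntries(cases.map((p) => [p, verdict(p)]));
  fs.rmSync(base, { recursive: true, force: true });
  return out;
}
```

The file operation should then use the returned real path rather than the requested one. The check and the later open are separate steps, so a link swapped in between them is not covered by this sketch.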

The workspace boundary cannot be silently widened — switching workspaces requires picking a new folder via the OS file dialog or confirming a native “allow this folder?” prompt. The AI assistant cannot change the boundary on its own.

The assistant has no delete or trash tool. Edits it proposes appear as pending changes in the editor; you must explicitly save (⌘S / Ctrl+S) for any change to reach disk.

What leaves the device

All outbound traffic uses HTTPS. Your prompt, conversation history, and any files the assistant reads from the workspace are sent to the Design IQ backend, which authenticates the request and forwards it to Google’s Gemini Enterprise Agent Platform. The response streams back to the app.

No file content is sent anywhere else. The only other outbound traffic is the auto-update check (GitHub Releases), UI webfont loads, and an on-demand Python runtime fetch, which happens only when you invoke a Python tool.

AI model training

Google’s Service Specific Terms for the Gemini Enterprise Agent Platform commit to not using customer data to train or fine-tune AI/ML models without prior permission. This applies to Google’s own Gemini models and to partner models served through the platform (Anthropic Claude, Meta Llama, Mistral). Your prompts and responses are not shared with the model publishers.

By default, Google’s Gemini models cache inputs and outputs in-memory only (not at rest), isolated per Google Cloud project, with a 24-hour TTL. Caching can be disabled at the project level for customers requiring formal zero-data-retention posture.

Authentication

Sign-in is managed by Clerk. The desktop app receives a short-lived JWT after sign-in and stores it encrypted at rest using each platform’s OS keychain (macOS Keychain, Windows DPAPI, Linux Secret Service) via Electron’s safeStorage API.

No AI API keys live in the desktop app. All AI traffic flows through the Design IQ backend, which holds the Gemini Enterprise Agent Platform service-account credentials server-side and never exposes them to the client.

Sub-processors

Design IQ uses the following sub-processors to operate the service:

  • Google — Gemini Enterprise Agent Platform (model serving). Receives your prompt and any file content the assistant reads from the workspace.
  • Clerk — authentication. Receives email and standard auth flow data.
  • Exa — web search. Receives model-generated query strings only; never file content.
  • Neon — backend usage metadata (user ID, model name, token counts, status, duration). No message or file content.
  • GitHub Releases — update artifact distribution. HTTP request metadata only.

Code signing & distribution

Windows builds are signed with an EV code-signing certificate (SHA-256) issued to Design IQ, Inc. Signing happens automatically in our release pipeline (GitHub Actions).

macOS Developer ID enrollment is in progress. Until that is in place, macOS users see the standard first-launch warning and need to right-click → Open to allow installation. The runtime security controls (sandboxed workspace access, no delete tool, server-side keys) apply to every build regardless of signing.

Auto-update uses electron-updater against our dedicated public release repository on GitHub. Updates are HTTPS-only and signature-verified per platform.

Vulnerability disclosures

Email security reports to lex@designiq.app with “Security” in the subject line. We acknowledge reports within 1 business day. Design IQ will not pursue legal action against researchers who report vulnerabilities in good faith and follow coordinated disclosure.

Full security review document

For IT and security teams evaluating a deployment, we maintain a detailed reference covering architecture, network endpoints, filesystem boundary enforcement, sub-processor contracts, vulnerability management, and incident response. Email lex@designiq.app or book a review call to request it.