Keeping AI assistance on your own network

Command-line AI is one of those features that’s obviously helpful and quietly dangerous. Helpful, because explaining a gnarly error or drafting a one-liner is exactly the kind of thing a model is good at. Dangerous, because the input is your terminal output — which routinely contains hostnames, tokens, and the occasional pasted secret. Most tools ship that straight to a cloud model by default.

VaultTerm inverts the default.

Local first

AI assistance runs against a self-hosted model on your own network by default. Prompts and output don’t leave the LAN, because the model answering them is on the LAN. For a lot of teams that is the whole requirement: useful assistance, nothing exfiltrated, nothing to explain in a review.

Cloud is an exception, not a default

If you do opt into a cloud model — per organisation, as an explicit policy — output doesn’t go out raw. It passes a redaction gate that strips secrets and a guard that checks for prompt-injection before anything leaves the network. Enabling cloud assist is a decision you make, not a default you have to discover and turn off.

And whether the cloud is allowed at all is an org-level switch you hold. For enterprise, terminal output need not leave the LAN at all.

Catching leaks, not just preventing them

The same pipeline that brokers your sessions also scans command output for credential exposure. A careless paste that drops an API key into a log doesn’t go unnoticed — it’s flagged and audited, so you can rotate before it matters.

That’s the principle across VaultTerm: assistance that defaults to your network, cloud only behind a gate you control, and a record of what happened either way. More on the model on the Security & Trust page.