#122 · Privacy: requireLocal flag for room-catchup AI calls (no silent OpenAI fallback)
Description
Context
apps/signal-bot/src/src/utils/room-catchup.ts:97-107 calls callAI({ ..., preferLocal: true }). The preferLocal flag tries LocalAI first, then silently falls back to OpenAI if LocalAI is unreachable.
For the per-room catch-up summary (which feeds the last 3 hours of group conversation to an LLM), the privacy intent is "stay on community-hosted infra when possible." A silent fallback to a third-party model defeats that intent without any user-visible signal.
Acceptance criteria
- [ ] Add a new
requireLocal: booleanflag toAICallParamsinpackages/shared-utils/src/ai-provider.ts - [ ] When
requireLocal: trueand LocalAI is unreachable, returnnull(or a typed "local-only failed" result) instead of falling through to OpenAI - [ ] Update
room-catchup.tsto userequireLocal: true(or keeppreferLocalbut check the result'sproviderfield and reject if it'sopenai) - [ ] On
requireLocalfailure, return{ status: 'skipped_no_ai' }instead of{ status: 'failed' }so the welcome flow handles it gracefully - [ ] Add a unit test asserting requireLocal=true + LocalAI down returns null (not an OpenAI response)
- [ ] Document the policy in the file header of
room-catchup.tsso future changes don't accidentally regress
Why this matters
Every member who joins a Signal group while the bot is running has the last 3 hours of that group's chat content potentially routed through OpenAI's API today, depending on LocalAI uptime. That's not an active leak (no PII deliberately included), but it's also not what the user understands the privacy posture to be when they see "preferLocal: true" in the code.
Technical hints
- The shared-utils
callAIalready returns{ content, provider }— provider is'openai' | 'localai'. The simplest enforcement is a post-call check:if (requireLocal && result.provider !== 'localai') return null; - Health-check LocalAI before the call: a 1-second
fetchwith timeout to its/healthendpoint, cache result for 60 seconds
--- *S-tier (50 pts + 40 merge_pr = 90). Privacy-policy enforcement; no exploitable bug, but quietly violates user expectations today.*
Relevant files
No relevant files linked yet.
Hints
No hints yet.
Activity
- +50 Günther Van der Eecken earned S bounty Jun 14
Comments
Sign in to join the discussion.
No comments yet. Be the first to weigh in.