Claude for Linux is an unofficial community client. It is NOT developed, maintained, or endorsed by Anthropic. Use at your own discretion.

1. API Key: Your Anthropic API key grants access to paid API services
2. Conversation Data: May contain sensitive personal or business information
3. System Integrity: The application should not compromise your system

• Primary: System keyring via D-Bus Secret Service API
  • GNOME Keyring (GNOME, MATE, Cinnamon)
  • KWallet (KDE Plasma)
• Fallback: Encrypted file with user passphrase (if keyring unavailable)
• Never: Plain text files, environment variables on disk, logs

API Key Flow:
User Input → Validation → Keyring Storage → Memory (when needed) → API Call
                                 ↓
                         Encrypted at rest

• Location: ~/.local/share/claude-for-linux/
• Permissions: Directory created with mode 0700 (owner only)
• Database: SQLite with optional SQLCipher encryption
• Future: Full database encryption with key derived from:
  • Machine ID
  • User salt (stored in keyring)
  • PBKDF2-HMAC-SHA512 (256,000 iterations)

• HTTPS only for API communication
• No HTTP fallback
• Certificate validation enabled
• Proxy support with authentication
• No third-party analytics or tracking

The application uses Tauri's capability-based security model:

{
  "permissions": [
    "core:default",
    "app:allow-get-api-key",
    "app:allow-set-api-key",
    "app:deny-execute-shell"
  ]
}

• Commands require explicit permission grants
• No shell execution commands exposed
• Input validation in Rust backend

default-src 'self';
img-src 'self' data: https:;
script-src 'self';
style-src 'self' 'unsafe-inline';
connect-src 'self' https://api.anthropic.com

• pnpm-lock.yaml and Cargo.lock committed to repository
• Dependabot enabled for automated security updates
• cargo audit and pnpm audit run in CI
• Signed releases with checksums

When enabled:

• Conversations are not saved to disk
• Only kept in memory during session
• Automatically cleared on app close

• One-click option to clear all local data
• Removes: conversations, messages, settings, API key
• Database file securely deleted

• No analytics or telemetry by default
• Optional opt-in for anonymous usage statistics (future)
• Never collects: conversation content, API keys, personal data

If you discover a security vulnerability, please report it responsibly:

1. DO NOT create a public GitHub issue
2. Email details to: [security@example.com] (replace with actual contact)
3. Include:
   • Description of the vulnerability
   • Steps to reproduce
   • Potential impact
   • Suggested fix (if any)

We aim to respond within 48 hours and provide a fix within 7 days for critical issues.

• Subscribe to GitHub releases for security updates
• Critical vulnerabilities will be announced via GitHub Security Advisories
• Update to the latest version promptly

1. Protect your API key: Treat it like a password
2. Keep the app updated: Install security updates promptly
3. Use Privacy Mode: For sensitive conversations
4. Review permissions: Check what the app can access
5. Verify downloads: Check checksums of downloaded packages

Major dependencies and their security considerations:

• ❌ No formal security audit performed
• ✅ Open source for community review
• ✅ Static analysis tools (clippy, eslint) in CI
• 🔄 Planning formal audit for v1.0 release

Last updated: 2024-11-24