Is this safe to install on my Mac?
Run a security audit on this to ensure this is safe for me to install onto my Mac.
I'll help you run a security audit on this repository before you install it on your Mac. Let me start by exploring the codebase structure and understanding what this project does.
This is a Tauri application (Rust backend + web frontend). Let me examine the key security-relevant files:
Now let me examine the Tauri security configuration, entitlements, and capabilities:
Let me look at the Rust source code for any network activity, file system access patterns, and key security concerns:
Let me check for clipboard access, keyboard input monitoring, and any file operations:
Let me check where network calls are made and what data is being transmitted:
Let me check the actions and audio recording to understand what data is captured and how it's handled:
Now let me check the transcription manager and history manager to understand data persistence and whether any data is sent externally:
Let me check what URLs/endpoints the application connects to and how the updater works:
Now let me check for any potential security concerns in the Swift native code and the frontend:
Let me check the i18n files to ensure the dangerouslySetInnerHTML is only used with trusted content:
Good - the dangerouslySetInnerHTML is only used for static translation strings with simple HTML (<code> tags), not user-supplied content.
Now let me check for any data exfiltration or telemetry:
Let me see more about the matches for analytics/telemetry to verify no data collection:
Good - the matches are all for standard Rust HashMap, collect() iterator method, and migration tracking (database schema migrations) - no telemetry or analytics.
Let me also check the GitHub workflows for supply chain concerns:
Now let me provide you with a comprehensive security audit summary:
# 🔐 Security Audit Report for Handy (cjpais/Handy)
## Overview
Handy is a Tauri-based (Rust + React/TypeScript) speech-to-text application that runs entirely offline. After reviewing the codebase, here's my security assessment for macOS installation:
## ✅ VERDICT: Generally Safe to Install
The application appears to be designed with privacy in mind and doesn't exhibit malicious behavior. However, there are some considerations you should be aware of.
## Security Findings
### ✅ Positive Security Aspects
| Category | Finding |
|---|---|
| Privacy-Focused Design | Transcription happens 100% locally using Whisper/Parakeet/Moonshine models. Audio data is NOT sent to external servers. |
| No Telemetry/Analytics | No tracking, analytics, or data collection code found. |
| Open Source | Full source code available for inspection (MIT licensed). |
| Minimal Network Access | Network requests are limited to: model downloads (blob.handy.computer), update checks (GitHub releases), and optional LLM post-processing. |
| Tauri Security Model | Uses Tauri's permission-based capabilities system with explicit, narrowly-scoped permissions. |
| Local Data Storage | History/recordings stored in local SQLite database in app data directory. |
### ⚠️ Security Considerations (Not Vulnerabilities)
| Category | Details | Risk Level |
|---|---|---|
| macOS Entitlements | Requests microphone and audio-input access - required for core functionality | Expected |
| Keyboard Shortcuts | Uses global shortcut registration (rdev library) - required for push-to-talk | Expected |
| Clipboard Access | Accesses clipboard to paste transcribed text - core feature | Expected |
| System Commands (macOS) | Calls osascript to mute/unmute audio, ioreg/pmset to detect clamshell mode | Low |
| LLM Post-Processing (Optional) | If enabled, sends transcriptions to user-configured API endpoints (OpenAI, Anthropic, etc.) | User-Controlled |
| Auto-Updater | Checks GitHub for updates (https://github.com/cjpais/Handy/releases/latest/download/latest.json) | Low |
### 📋 Tauri Capabilities/Permissions Requested

```text
// From src-tauri/capabilities/default.json
- core:default
- opener:default
- store:default (local settings storage)
- updater:default
- process:default
- global-shortcut:* (keyboard shortcuts)
- macos-permissions:default
- fs:read-files, fs:allow-resource-read-recursive (read models/resources)

// From src-tauri/capabilities/desktop.json
- autostart:default (optional start on login)
```
### 🌐 Network Endpoints Contacted
| Endpoint | Purpose |
|---|---|
| blob.handy.computer | Downloads Whisper/Parakeet/Moonshine ML models |
| github.com/cjpais/Handy/releases | Auto-update checks |
| User-configured (optional) | Post-processing via OpenAI, Anthropic, Groq, etc. APIs |
### 🔧 `unsafe` Rust Code
Limited to platform-specific system integrations:
- Windows audio muting via Win32 API
- macOS overlay window positioning
- Swift FFI bridge for Apple Intelligence (macOS 26+)
All unsafe blocks are appropriately scoped and necessary for system integration.
### 🧩 Third-Party Dependencies
Notable external dependencies:
- `rdev` (keyboard/mouse input) - from the rustdesk-org fork
- `vad-rs`, `rodio` - from the author's forks (cjpais)
- `tauri-nspanel` - macOS panel support
- Standard Tauri ecosystem plugins
Note: Some dependencies are from GitHub forks rather than crates.io - this is common but means the author controls these specific versions.
## Recommendations Before Installing
1. Download from official sources: Use GitHub Releases or handy.computer
2. Verify signing: On macOS, check that the app is properly signed (if distributed via DMG)
3. Review permissions: Grant only the permissions requested (microphone, accessibility)
4. Post-processing caution: If you enable LLM post-processing, understand your transcriptions will be sent to those third-party APIs
5. Build from source (optional): For maximum assurance, build it yourself following BUILD.md
## Summary
Handy is a legitimate, privacy-focused speech-to-text tool. The codebase shows no signs of malicious behavior, data exfiltration, or hidden tracking. The permissions it requests are appropriate for its functionality. The main author (cjpais) maintains several related libraries which are used as dependencies.
It's safe to install with the understanding that:
- It needs microphone access (required for speech recognition)
- It uses global keyboard shortcuts (required for push-to-talk)
- Models are downloaded from the author's server on first use
- Post-processing features (if enabled) send data to external LLM providers
END OF POST
Claude Opus 4.5
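The capability review in the report above is the part of a Tauri audit that is easiest to repeat mechanically before installing any Tauri app. What follows is an added example, not part of the transcript and not code from the Handy project: a small Python checker that reads Tauri v2 capability files (the `src-tauri/capabilities/*.json` layout), flags wildcard permissions such as `global-shortcut:*`, permissions whose identifier implies writing or executing, wildcard `allow` scopes, and capabilities extended to remote origins via the `remote.urls` key. The permission-family table is an opinionated assumption about what deserves a second look, and both sample capability objects are constructed for illustration: the first mirrors the permission list quoted in the report, the second is deliberately over-broad and does not describe Handy.

```python
"""Audit Tauri v2 capability files for broad permissions (added example)."""
import json
from pathlib import Path

# Assumed list of permission families worth a manual look (not a Tauri artefact).
SENSITIVE_FAMILIES = {
    "shell": "can spawn processes or open URLs",
    "opener": "opens URLs and paths with the system handler",
    "fs": "filesystem access; check read vs write and the allowed scope",
    "http": "outbound HTTP from the webview",
    "process": "can exit or relaunch the app",
    "updater": "downloads and installs new code; check endpoint and pubkey",
    "clipboard-manager": "reads/writes the clipboard",
    "global-shortcut": "system-wide key capture",
    "autostart": "persistence as a login item",
}
# Substrings in a permission identifier that imply mutation or execution.
MUTATING_MARKERS = ("write", "remove", "rename", "execute", "spawn", "allow-all")


def permission_identifier(entry) -> str:
    """Permissions are either bare strings or objects with an 'identifier' key."""
    return entry if isinstance(entry, str) else str(entry.get("identifier", ""))


def scope_is_broad(rule) -> bool:
    """True when an allow rule (e.g. {"path": "**"} or {"url": "https://*"}) uses a wildcard."""
    return "*" in json.dumps(rule)


def audit_capability(cap: dict, source: str = "<inline>") -> list[dict]:
    """Return findings for one capability object, each with a severity of 'high' or 'review'."""
    findings = []

    def add(severity, permission, reason):
        findings.append({"file": source, "severity": severity,
                         "permission": permission, "reason": reason})

    for entry in cap.get("permissions", []):
        pid = permission_identifier(entry)
        family = pid.split(":", 1)[0]
        if pid == "*" or pid.endswith(":*"):
            add("high", pid, "wildcard grants every command the plugin exposes")
        elif any(marker in pid for marker in MUTATING_MARKERS):
            add("high", pid, "grants a mutating or executing command")
        elif family in SENSITIVE_FAMILIES:
            add("review", pid, SENSITIVE_FAMILIES[family])
        # Scoped permission objects carry their own allow rules; wildcards there
        # undo the narrowing the scope was supposed to provide.
        if isinstance(entry, dict):
            for rule in entry.get("allow", []):
                if scope_is_broad(rule):
                    add("high", pid, f"allow scope contains a wildcard: {json.dumps(rule)}")

    # 'remote.urls' lets remote web content use these commands over IPC.
    remote_urls = cap.get("remote", {}).get("urls", [])
    if remote_urls:
        add("high", "remote", f"capability extended to remote origins: {remote_urls}")
    return findings


def audit_directory(capabilities_dir) -> list[dict]:
    """Audit every *.json capability file under a src-tauri/capabilities directory."""
    findings = []
    for path in sorted(Path(capabilities_dir).glob("*.json")):
        findings.extend(audit_capability(json.loads(path.read_text()), path.name))
    return findings


def summarize(findings: list[dict]) -> dict:
    """Count findings per severity so a script can decide whether to stop an install."""
    return {sev: sum(1 for f in findings if f["severity"] == sev) for sev in ("high", "review")}


# Constructed sample mirroring the permission list quoted in the report above;
# it is NOT Handy's actual src-tauri/capabilities/default.json.
SAMPLE_DEFAULT = {
    "identifier": "default",
    "windows": ["main", "settings"],
    "permissions": [
        "core:default", "opener:default", "store:default", "updater:default",
        "process:default", "global-shortcut:*", "macos-permissions:default",
        "fs:read-files", {"identifier": "fs:allow-resource-read-recursive"},
    ],
}

# Constructed counter-example of a capability file that should stop an install
# until explained: execution, unscoped writes, open HTTP and remote origins.
SAMPLE_OVERBROAD = {
    "identifier": "everything",
    "windows": ["main"],
    "remote": {"urls": ["https://*.example.com"]},
    "permissions": [
        "shell:allow-execute",
        {"identifier": "fs:allow-write-files", "allow": [{"path": "**"}]},
        {"identifier": "http:default", "allow": [{"url": "https://*"}]},
    ],
}

if __name__ == "__main__":
    for name, cap in (("default.json", SAMPLE_DEFAULT), ("overbroad.json", SAMPLE_OVERBROAD)):
        found = audit_capability(cap, name)
        print(name, summarize(found))
        for f in found:
            print(f"  [{f['severity']}] {f['permission']}: {f['reason']}")
```

Run against a checkout with `audit_directory("src-tauri/capabilities")`; a single `high` finding is not a verdict on its own (the report treats `global-shortcut:*` as expected for push-to-talk), but every `high` line is one the app's README should be able to justify.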