Documentation

Security & privacy

What TURI touches, what leaves the Mac, and honest limits.

Endpoint Security

AUTH and NOTIFY events for exec, files, signals.

Network Extension

Content filter + DNS proxy for flows and domain cache.

App Groups

group.com.macfirewall.shared between app and extensions.

Data handling

See Privacy Policy. Local JSONL under /Users/Shared; optional anonymized trace upload; enterprise spine ingest when configured.

Known limitations

  • Process attribution failures on some system PIDs
  • IPv6 DNS cache string mismatch with NE endpoints
  • TCP DNS proxy incomplete
  • Behavioral rules often block the next action, not the first
  • Optional mf exec — most agents lack token producers
  • NE policy often scoped to AI/MCP-class flows only

Running AI agents on Mac at scale? We'll tune policy with you.

Design partners →