Security & Control

SQ2.ai executes engineering work under your control. Every action is bounded, verifiable, and traceable.

Local-first execution

Your code never leaves your machine

SQ2 runs entirely on your infrastructure. All models, indexes, and execution state stay local. No cloud dependency. No external API calls.

Local models

Powered by Ollama. Models run on your GPU. No data sent to external services.

Local state

All indexes, memory, and execution journals stored in ~/.sq2/ on your machine.

No telemetry

No usage tracking. No analytics collection. No background network calls.

Air-gap ready

Fully operational offline after initial setup. No internet required at runtime.

Controlled execution

Structured planning with bounded scope

Every task goes through structured planning before execution. Scope is bounded by file count limits and policy enforcement.

Maximum 5 files per execution tranche
Writes restricted to project root
Dangerous commands blocked by policy engine
Explicit approval required before execution
No automatic git commits

Dry-run mode

Preview every action before it happens

Run any workflow with --dry-run to see the full execution plan without making changes.

bash
sq2 run --workflow analysis --dry-run
# Shows: target files, planned steps, risk flags
# No files are modified. No commands are executed.

Verification

Every change is checked

After execution, SQ2 runs automated verification: syntax checks, diff coherence analysis, file integrity validation, and test execution.

Syntax validation

Python, JSON, YAML, JavaScript — checked after every write.

Diff coherence

Changes are compared against the original to detect unexpected deletions or rewrites.

Scope enforcement

Modified files are checked against the planned scope. Out-of-scope changes are flagged.

Test execution

Project tests run automatically after changes. Failures trigger the self-heal loop.
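
An independent check of the scope rules stated on this page (five-file tranche limit, writes confined to the project root, changes limited to the planned files), as an added example; it is not SQ2's code. The function names, the input shape (paths relative to the project root), and the sample tree are assumptions constructed for illustration, and POSIX paths are assumed.

```python
import os
import tempfile

MAX_FILES_PER_TRANCHE = 5  # limit stated on this page


def audit_scope(project_root, planned, modified):
    """Return (path, reason) findings for a list of modified paths.

    planned and modified hold paths relative to project_root (assumed shape).
    """
    root = os.path.realpath(project_root)
    planned_real = {os.path.realpath(os.path.join(root, p)) for p in planned}
    findings = []
    if len(modified) > MAX_FILES_PER_TRANCHE:
        findings.append(("<tranche>",
                         f"{len(modified)} files exceeds limit of {MAX_FILES_PER_TRANCHE}"))
    for rel in modified:
        # realpath collapses ".." and follows symlinks, so a link inside the
        # project that points elsewhere is judged by its real destination.
        real = os.path.realpath(os.path.join(root, rel))
        # commonpath compares whole path components; a plain startswith()
        # would accept a sibling such as /work/app-evil for root /work/app.
        if os.path.commonpath([root, real]) != root:
            findings.append((rel, "outside project root"))
        elif real not in planned_real:
            findings.append((rel, "not in planned scope"))
    return findings


def demo():
    """Build a constructed project tree and audit a constructed change list."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "app")
        os.makedirs(os.path.join(root, "src"))
        os.makedirs(os.path.join(tmp, "app-evil"))  # sibling with shared prefix
        os.symlink(os.path.join(tmp, "app-evil"), os.path.join(root, "link"))
        planned = ["src/a.py", "src/b.py"]
        modified = ["src/a.py", "src/c.py", "../app-evil/x.py", "link/y.py"]
        return audit_scope(root, planned, modified)


if __name__ == "__main__":
    for path, reason in demo():
        print(f"{path}: {reason}")
```
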


Transparency

Full execution trace

Every file read, every file written, every command run — logged and visible. The execution journal is exportable as JSON or CSV.

bash
sq2 run
> review        # summarize what changed
> export json   # export full execution journal

Deterministic behavior

No hidden actions

No background execution — SQ2 only acts when you invoke a command
No silent network calls — all model inference is local
No implicit git operations — no auto-commit, no auto-push
No file system access outside the project root

Deployment model

CLI-based, enterprise-compatible

SQ2 is a CLI tool installed via pip. It runs on developer workstations, team servers, or air-gapped environments. No SaaS dependency.

SQ2.ai is not a black box. It is a controlled execution system.

SQ2.ai © 2026