Napcar

Permissions & privacy

How Napcar gates local AI per site, what it records, and how quotas work.

First use

The first time a site requests local AI, Napcar shows a permission prompt:

example.com wants to use local AI models on this Mac. Data sent to the local model may include text or images provided by this page. Execution happens locally through Napcar unless cloud fallback is allowed.

[Allow once] [Always allow for this site] [Deny]

Image input and cloud fallback are called out explicitly when requested.

Per-origin settings

Each origin has a permission (ask / allow / deny), a cloud policy (allow / warn / block / substitute-local), and flags for image input, embeddings, and whether the exact model id may be revealed. Manage them in chrome://llm.

Quotas

Default per-origin limits prevent runaway usage:

  • 20 requests per minute
  • 200,000 input characters per minute
  • 2 concurrent requests (4 globally)

Exceeding a limit yields quota_exceeded (HTTP 429 on the OpenAI endpoint).

What is recorded

Napcar keeps a local, metadata-only audit log — origin, task, model alias, token estimates, duration, and success/failure. Raw prompts and responses are not stored by default.

Handoff modes

Control whether LLM execution happens locally, may fall back to the cloud, or is forced local by the user.

Examples

Common Napcar integration patterns — detection, streaming UI, structured extraction, and embeddings.

On this page

First usePer-origin settingsQuotasWhat is recorded