For security reviewers and integrators
Health Export AI is local-first and read-only — there is no account and no developer server, so the developer is never in your data path. This page documents how the product and its surfaces are hardened. Using the app? The plain-language version lives on the privacy page.
Every page asset on this site — scripts, styles, fonts, images — is served from our own origin. There are no third-party scripts, fonts, trackers, or analytics, and the site is built to pass independent security-header audits. The MCP server itself is two zero-dependency Node files.
The MCP server artifacts are minisign-signed with a public key that is pinned from a second, independent source — the GitHub repository and SKILL.md, not only this site — so a compromise of the origin alone cannot swap both an artifact and its signing key. Every download is also SHA-256 checksummed. Agents and integrators should verify the signature and the checksums and fail closed on any mismatch before running anything. The verify recipe is in SKILL.md.
For reviewers, the edge and DNS are configured with:
'self' Content-Security-Policy (object-src, frame-src, and frame-ancestors set to none)p=reject + SPF — spoofed email claiming to be from the domain is rejectednosniff), and a restrictive Permissions-PolicyEmail [email protected]. Machine-readable contact details are at /.well-known/security.txt.