Local-First Architecture

Exactly What Stays Local

Complete transparency on what data stays on your network, what connects externally, and what you control. No ambiguity.

01

Data flow overview

Three distinct zones. Your network holds everything of substance. External connections are narrow, specific, and under your control.

Your Network
S2T Executable (desktop app)
Local SQLite database
All assessment data
Credentials vault (encrypted)
Discovery results & maps
Generated reports & briefings
Interview transcripts
LLM conversation history
Your API Key
Anonymized prompts only
Your AI Provider
Anonymized prompts only
No customer data included
Your API key, your account
Your spend, no S2T markup
Anthropic, OpenAI, Google, xAI, or Ollama (local)
Optional
License + updates only
S2T Cloud (Optional)
License key validation
Auto-update checks
Accelerator catalog browsing
Anonymous telemetry (opt-in only)

Assessment artifacts are stored locally by default. Outbound processing occurs only when you enable it.

01b

Data handling matrix

Every data type, where it lives, whether it's transmitted, and what you control. This is the reference for security reviews and procurement.

Data Type Default Location Transmitted? Stored by S2T? Retention Your Controls
Assessment evidence
Infrastructure maps, findings, gap analyses		 Local No No Until you delete Export, delete anytime
Discovery results
System inventories, integration maps, dependencies		 Local No No Until you delete Export, delete anytime
Generated reports
Executive briefings, roadmaps, diagrams		 Local No No Until you delete Export, delete anytime
Credentials & API keys
Your LLM keys, connector passwords		 Local (encrypted) No No Until you delete Vault management in Settings
Interview transcripts
Recordings, summaries, stakeholder notes		 Local No No Until you delete Export, delete anytime
LLM prompts
Structured context sent to your AI provider		 Your AI provider Yes — to your provider No Per your provider's policy Provider choice, prompt review, Ollama for local
LLM responses
AI-generated analysis and suggestions		 Local No (stored locally after receipt) No Until you delete Export, delete anytime
License validation
License key, version, machine fingerprint		 S2T license server Yes — to S2T Yes (key + fingerprint only) Duration of license Offline grace period (30 days)
Telemetry
Anonymous feature usage counts		 S2T (if enabled) Only if you opt in Only if you opt in Aggregated, no PII Settings → Privacy (default: OFF)
Auto-update checks
Version comparison request		 S2T (if enabled) Only if enabled No N/A Settings → Updates (default: ON)
MCP tool inputs
Text you send via MCP tools (embeddings, templates)		 S2T accelerator API Yes — to S2T API Processed, not stored Not retained after processing You choose what text to send

This matrix is the authoritative reference for S2T data handling. If any marketing copy contradicts this table, this table is correct.

02

What stays local (always)

These data types are stored locally by default. They are not transmitted to S2T or any third party. Your LLM provider receives only the prompts you send (see matrix above).

Always On Your Network

  • All assessment and discovery data — infrastructure maps, system inventories, gap analyses, and findings
  • Your credentials and API keys — stored in a local encrypted vault, never transmitted
  • Generated reports, executive briefings, roadmaps, and architecture diagrams
  • Interview recordings and transcripts from stakeholder sessions
  • SQLite database containing all project data, history, and configuration
  • LLM conversation history and context — what you asked and what the AI responded
  • Accelerator templates after purchase — downloaded once to your machine, stored locally forever
  • All preferences and configuration — workspace settings, connector configs, user customizations

S2T Never Receives

  • Database records, schemas, query results, or any data from your connected systems
  • Credentials, API keys, passwords, or any authentication material
  • Interview recordings, transcripts, or summaries
  • Assessment findings, gap analyses, or discovery results
  • Generated documents, reports, or roadmaps
  • Your organization's processes, org charts, or internal information
  • Any prompt content you type — prompts go to your AI provider, not to S2T
  • AI responses — LLM output is stored locally in your database
03

What connects externally (you control)

Three external connection types exist. Two are required for AI features and activation. One is entirely optional and can be disabled. You choose what to enable.

Required for AI Features

Your LLM Provider

What is sent

  • Anonymized assessment prompts constructed by S2T
  • You review prompts before they are sent (prompt review mode available)
  • Prompts contain extracted, structured context — not raw system data

What is NOT sent

  • Raw credentials, passwords, or API keys
  • Customer PII or personally identifiable information
  • File contents, database records, or raw query results
  • Interview audio, transcripts, or recordings

Your control

  • Choose your provider: Anthropic, OpenAI, Google, xAI
  • Use Ollama locally for zero external AI connections
  • Select the model and version
  • Enable prompt review to inspect before sending
Connection Direct from your machine to your AI provider using your API key. S2T is not in the path.
Required for Activation

S2T License Server

What is sent

  • Your license key (the string you purchased)
  • Product version number (e.g., 1.0.0)
  • Machine fingerprint — a hash of hardware identifiers for seat enforcement

What is NOT sent

  • Assessment data, project information, or any business content
  • Customer or contact information
  • Usage patterns, feature activity, or telemetry of any kind
  • Credentials, API keys, or connection strings

Frequency

  • Once at initial activation to bind license to machine
  • Periodic validation on application launch (configurable interval)
  • Offline grace period: 30 days before requiring re-validation
Endpoint HTTPS to license.s2tconsulting.com — no other S2T endpoints receive data.
Optional — Can Be Disabled

S2T Cloud Services

Auto-updates (default: on)

  • Checks for new S2T versions in the background
  • Downloads update packages on your confirmation
  • Disable in Settings → Updates → "Check for updates manually"

Accelerator catalog (requires internet)

  • Browses available accelerators and their descriptions
  • Only active when you open the accelerator marketplace
  • Purchased accelerators download once, then work offline permanently

Telemetry (default: off, opt-in only)

  • Anonymous feature usage counts (e.g., "discovery ran")
  • No content, no data, no identifiable information
  • OFF by default. Enable in Settings → Privacy → "Help improve S2T"
What is NEVER sent via any S2T cloud service Assessment data, customer information, credentials, prompts, or any business content.
04

MCP tools vs S2T Executable

S2T offers two distinct products with different data boundaries. Understanding the difference matters if you use both.

💻

S2T Executable

What it is Desktop application for AI transformation assessments. Runs on your Windows machine.
Where it runs Entirely on your network. Local-first by design.
External connections Your LLM provider (your key), S2T license server (activation only), optional update/catalog services.
Your data handling All assessment data stays local. Never transmitted to S2T.
Uses MCP tools? No. The S2T Executable does not use MCP tools for discovery, assessment, or report generation.
🔌

S2T MCP Tools

What it is Developer utility tools for Claude Code and AI IDEs: embedding generation, CloudFormation templates, OAuth validation.
Where it runs Calls S2T cloud APIs. Requires internet. Designed for developer workflows.
External connections Sends API requests to S2T accelerator platform for embeddings, CloudFormation generation, and validation checks.
Your data handling Processes the text you explicitly send in each tool call. You control what text is included.
Target user Developers using Claude Code, Cursor, or other MCP-compatible AI coding environments.

Key distinction: MCP tools are developer utilities that process the specific text you explicitly provide in each API call. They are not agents that autonomously read your files or local data. The S2T Executable (the desktop assessment app) does not use MCP tools at all — it uses your chosen LLM provider directly from your machine.

05

Zero external connection mode

S2T can run with zero external connections. Every external connection has a local alternative or can be disabled.

🤖

Use Ollama Instead of Cloud AI

Run an LLM locally with Ollama (Llama 3, Mistral, etc.). S2T supports Ollama as a first-class provider. Zero tokens leave your network — inference happens entirely on your hardware.

🔑

Evaluation Mode (No Activation)

Run S2T in evaluation mode before activating your license. Core discovery and assessment features work without the license server call. Activate once when you're ready to use advanced features.

🚫

Disable Auto-Updates

Turn off automatic update checks in Settings. Manually download new versions from your portal account when needed. S2T never pings the update server if this is disabled.

📦

Skip the Accelerator Marketplace

The accelerator catalog only makes network calls when you open the marketplace tab. Ignore it entirely and the connection never occurs. Purchased accelerators already in your vault work offline.

🔒

Result: Fully Air-Gapped Operation

Ollama + evaluation mode or activated license + auto-updates disabled + no marketplace browsing = S2T running with zero external connections on your network. Your firewall can block all outbound from the S2T process and it will continue to function for assessment and discovery work.

06

Your controls

Specific settings in S2T give you explicit control over every data boundary. These are not theoretical — they are real toggle points in the application.

1

LLM Provider Selection

Settings → AI Provider. Choose between Anthropic, OpenAI, Google, xAI, or Ollama. Switch at any time. Changing to Ollama eliminates all AI-related external connections immediately.

2

Prompt Review Before Sending

Settings → Privacy → "Review prompts before sending". When enabled, S2T shows you the full prompt it has constructed before sending it to your AI provider. You can edit or cancel any prompt.

3

Telemetry Opt-In/Opt-Out

Settings → Privacy → "Help improve S2T". Defaults to OFF. When enabled, sends only anonymous feature usage counts (no content). Toggle OFF at any time — takes effect immediately.

4

Auto-Update Enable/Disable

Settings → Updates → "Automatically check for updates". Defaults to ON. Disable to prevent all update server communication. Check manually from the same settings panel.

5

Full Data Export

File → Export Project. Exports your complete SQLite database, all generated reports, and all assessment data to a folder of your choice. Human-readable JSON + original file formats. No S2T account or internet needed.

6

Complete Data Deletion

File → Delete All Data. Wipes the local SQLite database, all generated files, all credentials from the vault, and all configuration. Nothing persists externally — there is no S2T server-side copy to request deletion of.

Questions about data handling?

We document every data boundary because transparency builds trust. See the matrix above for the authoritative reference.

Download S2T Read Security Policy