Current public release: latest public release
Security and review materials
KiteScribe is a fully local client-side application with no external interfaces, no cloud dependency for core processing, and release-specific security materials published with each public release.
Architecture
Fully local client-side application
KiteScribe performs audio processing, transcription, and OCR entirely on the host workstation. It does not require cloud services to execute its primary workflow.
Boundary posture
No external interfaces
KiteScribe has no external APIs, services, or endpoints and does not establish cross-boundary data flows as part of normal operation.
Authorization context
Operates within the existing workstation environment
The product is designed to run within the customer’s existing workstation authorization boundary rather than as a separate hosted service or external processing system.
Security package
| Included material | Purpose |
|---|---|
| Architecture and data flow documentation | Shows how capture, transcription, and OCR occur on the endpoint. |
| SSP-lite and IL5 readiness statement | Supports initial evaluation and scoping discussions. |
| NIST SP 800-53 control alignment mapping | Provides reviewer-facing control alignment material. |
| Signed binaries and supply chain documentation | Supports verification of software provenance and secure build practices. |
| SBOM and vulnerability scan outputs | Provides release-specific dependency and vulnerability visibility. |
Release gate. Public security packages are generated as part of the automated build pipeline. A release is produced only after the defined security checks complete successfully.