Open source

Open-source AI meeting notes: what to verify

A public repository is useful, but privacy depends on the whole data path. Here is how to evaluate the license, runtime, storage, network boundaries, and distribution.

Open source is evidence, not a magic label

Source access lets you inspect what a meeting app records, where it stores the result, which hosts it contacts, and what changes when you enable an optional service. It does not automatically prove that a particular downloadable build matches the repository, or that every dependency is harmless. Treat the code as an unusually strong verification tool, then check the actual release and runtime behavior too.

Start with the license

LokalBot is released under GPLv3. You can read, modify, and build the code, and distributed derivative versions must preserve the license obligations. That differs from “source available” products whose licenses restrict commercial use, redistribution, or forks. The repository's license file is the authoritative text.

Trace the meeting data path

For a private notetaker, follow the recording from capture to deletion:

  1. The microphone and selected meeting process produce two local audio tracks.
  2. A downloaded speech engine creates the transcript on Apple Silicon.
  3. The built-in llama.cpp backend can generate a summary locally.
  4. SQLite stores the library and full-text search index.
  5. Optional screenshots are off by default, encrypted at rest, and deleted after 14 days by default.

Then identify the exceptions. LokalBot connects to download models and updates, to set up optional Agent Mode, and to call any non-loopback inference origin you explicitly approve. That distinction is more useful than an absolute “never connects” claim.

Check account and telemetry requirements

An app can be open source while its useful features depend on a hosted account. LokalBot has no account, subscription, analytics service, advertising SDK, or telemetry backend. Its public issue tracker provides community support, and the security policy points vulnerability reports to a private channel.

Build it yourself

The repository includes an XcodeGen project manifest and build instructions. A source build is the strongest way to connect the code you inspected with the binary you run. It also makes the trade-off explicit: local-first software still relies on macOS frameworks and bundled or downloaded model runtimes, so dependency review remains part of a serious audit.

$ git clone https://github.com/stevyhacker/lokalbot.git
$ cd lokalbot
$ xcodegen generate && open LokalBot.xcodeproj

A five-question evaluation

FAQ

Questions about this guide

Is LokalBot free for commercial work?

LokalBot is GPLv3 software and has no usage subscription. Review the license itself for obligations that apply when you modify or distribute it.

Can I audit network access?

Yes. The source is public, and the privacy policy names the normal network paths: models, updates, optional Agent Mode setup, and approved remote inference.

Do I need an API key?

No. The built-in local models work without one. API keys are relevant only if you choose an external compatible backend that requires them.

Try it locally

Meeting notes that stay on your Mac by default.

Free, open source, and no account. Apple Silicon · macOS 15.0+

Download for macOS