Built a desktop AI that never sees or stores the user's Anthropic API key. Here's the architecture + why I refused to build it as a proxy.
Posted by samarth_bhamare@reddit | LocalLLaMA | View on Reddit | 8 comments
Every "AI app" on Product Hunt today is a proxy — they take your API key, route requests through their server, and most of them quietly mark up inference cost 2-10x. I wanted to build the opposite: a desktop coach that talks to Claude directly from the user's machine with zero middleware.
Here's what that actually looks like:
Key storage. First run, the app asks for the Anthropic key and stores it in the OS-native credential store — Windows Credential Manager, macOS Keychain, libsecret on Linux. The key never touches a file on disk, never gets logged, never gets sent anywhere the user didn't explicitly click.
Inference calls. Every Claude API call goes direct from the user's machine to api.anthropic.com. No proxy, no aggregation, no "we'll handle rate limiting for you." If Anthropic is down, the app is down. If Anthropic changes the pricing, the user feels it immediately. Honest trade-off.
Telemetry. Zero analytics on prompts or responses. The only telemetry is an app-open counter (no user ID, no content) so I know if the thing is being used at all. If you run netstat while the app is open, you'll see exactly two outbound hosts: api.anthropic.com for inference and one GitHub release URL for auto-update checks.
Skills architecture. The app ships as a Claude Code skill bundle + a desktop UI wrapper. The skills live in ~/.claude/skills/. Which means even if the desktop app breaks or gets abandoned, the skill files still work standalone inside Claude Code. The user owns the files, not the vendor.
Three reasons I keep getting asked "why not just be a SaaS":
- SaaS economics force you to mark up API calls, which means the product has to provide "value" equal to the markup, which means it has to restrict what you can do, which means the user gets less leverage from their own API key.
- Key custody is a liability. If I store your key, I'm one breach away from ruining my own reputation. Not storing it is cheaper for everyone.
- Local-first means the user owns their workflow forever. The app is infrastructure, not a subscription.
Trade-offs I accept: no cross-device sync, no team features without rebuilding from scratch, no ability to fix a bug for the user without shipping a new binary. For a solo-founder-built tool targeting other solo founders, those are fine trade-offs.
Happy to answer anything technical about the key-handling flow or the skill file structure.
samarth_bhamare@reddit (OP)
For anyone curious what the actual product is, it's at clskillshub.com/sales-agent-saas. Not posting the link in the body because this sub (rightly) downvotes anything that smells like promo. But the architecture above is exactly how it's built.
ttkciar@reddit
Posting the URL in a comment like that won't save your spammer ass, either.
HyperWinX@reddit
Lmao
Frizzy-MacDrizzle@reddit
That’s a pretty high level conversation of tills. This is low level place for those that run llama and inference engines via command lines,
FalconX88@reddit
I mean....that's simply using their API directly? Am I missing something? That's the basic setup for connecting any tool to anthropic or any other provider.
samarth_bhamare@reddit (OP)
Technically yes, it's a direct API call — the code isn't the interesting part.
What's not trivial is that most desktop AI apps on the market do the opposite. They take your key, route through their backend, mark up the calls, and log your prompts. The "direct call + OS keychain storage + zero prompt telemetry" combo is common sense, but uncommon in shipping product.
The framing here is about what buyers are used to seeing, not what's possible to build. Fair to push back that it doesn't clear the bar for this sub though.
FalconX88@reddit
It is trivial. You just use anthropics API address and key instead of let's say openrouter. Technically it's the exact same thing.
And most tools I used in the past month let you put in whatever openAI compatible API you want.
aeqri@reddit
What does this have to do with local LLMs?