ccpop runs entirely locally and sends nothing over the network, with one explicit exception (below). Specifically it:
- reads only the file you pass to
ccpop view; - reads/writes
~/.claude/ccpop.config.jsonand~/.claude/ccpop.state.json; - spawns your editor,
npm, or the system "open" handler (browser) that you configured; - renders markdown to HTML locally, escaping raw HTML and neutralizing dangerous link schemes
(
javascript:→#) so opening untrusted AI-generated markdown cannot execute scripts.
Network exception: when a rendered document contains a ```mermaid block (and view.mermaid
is enabled), the generated HTML includes a single <script> from a fixed CDN origin (jsDelivr) to
draw the diagram. This tag is fixed and never derived from the markdown content. Disable it with
ccpop config set view.mermaid false.
Please open a private security advisory on the GitHub repository, or contact the maintainers before
public disclosure. Include reproduction steps and the affected version (ccpop --version).