FactionOS
Open Demo (external link) Read Docs (external link)

FAQ

Answers with the boundary attached.

Product fit, setup, privacy, docs, teams, and hosted options in one static page.

These answers are intentionally practical and conservative. If a capability needs proof, owner review, credentials, legal approval, or production-hosted validation, the answer says so.

Security Roadmap

Questions

Categorized answers, no runtime search.

Browse by category or open each native disclosure. The page does not add client-side search, analytics, storage, or personalization.

Product

What FactionOS is

Core product answers about the cockpit, local-first posture, and what the public website can safely claim.

Category Product
What is FactionOS? FactionOS is local-first mission control for observing and steering AI coding agent work.

FactionOS is a local-first command surface for AI-assisted development work. It helps operators observe hook events, mission state, approvals, replay context, and coordination signals without making a hosted account the default path.

The public website explains that product direction with static pages. It is not the runtime product, a hosted dashboard, or a data collection surface.

Boundary Product copy must stay tied to local-first and static-site evidence already present in the website.

Who is FactionOS for? It is aimed at people and teams coordinating agent-assisted development work.

The first public story is built for engineering teams, AI platform teams, founders, and power users who need better visibility into agent workflows.

Use-case pages describe role fit without claiming public proof, commercial outcomes, or hosted organization management.

Boundary Role pages are product-fit guidance, not public proof or production usage evidence.

Setup

How setup is framed

Setup answers focus on local operation, docs, demo separation, and the absence of website-hosted onboarding.

Category Setup
How can I try the product direction? Start with the separate synthetic demo and public docs; this website stays static.

The public website links to a separate synthetic demo destination and public GitBook docs. Those destinations are external to this static site and should be evaluated as their own surfaces.

The website itself does not create accounts, run onboarding flows, submit hosted forms, or personalize content at runtime.

Boundary External demo and docs links are explicit; the website does not become an app host.

What runs locally? The product story centers on local hook ingest, local server state, and cockpit views.

Current website copy describes a local-first path where hook events and mission context are observed through local product surfaces.

Optional transfers and future hosted capabilities must be named separately and require their own review, controls, and evidence.

Boundary Local-first copy cannot imply every future integration is local or every external transfer is impossible.

Privacy and security

What data posture is claimed

Privacy answers reuse the active no-claim boundaries from the security posture instead of overpromising.

Category Privacy and security
Does this website collect visitor data? The static website does not add analytics, hosted forms, cookies, auth, or runtime personalization.

This public website is static Astro output. It does not add analytics capture, hosted forms, cookies, auth, account handling, localStorage writes, WebSockets, EventSource, or runtime fetches.

External demo, docs, email, hosting, and browser behavior are separate boundaries and should be reviewed through their own policies and notices.

Boundary Website privacy copy must not claim control over external destinations or future hosted services.

Is there a trusted unified erasure workflow? No broad trusted unified erasure claim is made for the website or broader product.

Scoped deletion and cleanup evidence exists in earlier product areas, but the active security posture keeps broad trusted unified erasure as a no-claim.

That means the website should not imply proven deletion across hosted surfaces, logs, archives, backups, browser state, exports, or future integrations.

Boundary Trusted unified erasure remains an open no-claim until every claimed boundary has evidence.

Demo and docs

How external destinations fit

Demo and docs answers keep visitor expectations clear across the website, demo, and documentation domains.

Category Demo and docs
Is the public demo the product? The demo is a separate synthetic preview destination, not this website and not a broad production validation claim.

The public demo is a separate destination for exploring product direction. It is intentionally separated from the marketing website and public docs.

A demo link does not prove production-hosted validation for the broader product, War Room, Worker surfaces, or future hosted options.

Boundary Demo availability cannot be reused as a production-hosted validation claim.

Where are the docs? Public docs live at an external GitBook destination and are linked explicitly.

The website links to public GitBook docs as an external destination. Product docs, technical references, and implementation details should live there or in repository docs instead of being duplicated on marketing pages.

Docs links should stay explicit so visitors know when they leave the static public website.

Boundary External docs are not a hidden tracker or website-hosted CMS path in this implementation.

Integrations

How external systems are handled

Integration answers distinguish local product behavior from explicit optional transfers.

Category Integrations
Does FactionOS send prompts or files to external providers by default? No default provider transfer is claimed; external transfer must remain explicit and controlled.

The active project posture requires external provider transfer to be explicit. A provider key alone must not be described as permission to send prompts, files, terminal output, paths, or code.

Any future provider or adapter copy must describe consent, minimization, redaction, failure behavior, and configuration clearly.

Boundary The FAQ must not imply silent provider transfer or active integrations without scoped evidence.

Can integrations run commands or change my code from the website? No. This website is static and does not run executors or inbound control workflows.

This website cannot run terminal commands, edit files, open local sockets, trigger guarded actions, or control a workspace.

Future executor behavior would require a separate threat model, authorization design, audit trail, tests, and documentation before public claims change.

Boundary Real executor and inbound control capabilities remain outside this static website scope.

Teams

How team use is described

Team answers avoid turning role pages and optional collaboration surfaces into hosted identity claims.

Category Teams
Can a team use FactionOS? Team use is a product-fit direction, with role-specific pages and explicit collaboration boundaries.

The use-case pages describe how engineering and platform teams may evaluate FactionOS for agent workflow visibility and handoff clarity.

Those pages do not claim hosted organization membership, SSO, account identity, public collaboration safety, or production auditability.

Boundary Team fit is not the same as a shipped hosted organization or identity product.

Is War Room collaboration a hosted account system? No hosted account identity claim is made for War Room or the website.

War Room collaboration is described as optional and boundary-specific. Room-local authority is not the same thing as hosted account identity, SSO, organization membership, public collaboration safety, or production auditability.

Any stronger collaboration claim must wait for scoped identity, authorization, consent, abuse controls, validation, and documentation work.

Boundary Hosted identity remains an active no-claim in the cumulative security posture.

Hosted options

What is not active by default

Hosted answers keep future options separate from default website and product claims.

Category Hosted options
Are hosted services active by default? No active hosted storage, analytics, push, public replay, tunnel, or remote-access claim is made here.

Hosted storage, analytics, public replay, push, tunnels, and remote access are treated as disabled-default or future review areas unless a scoped session ships them with controls and evidence.

The roadmap can name these as later themes, but the FAQ must not describe them as active services.

Boundary Reserved hosted configuration is not active capability without implementation and validation evidence.

Are the legal pages final? No. The first legal pages are pre-review placeholders unless owner-approved legal text is supplied.

The legal hub, privacy, terms, and acceptable-use routes are built to keep policy scope visible before launch review.

Until owner/legal-approved copy exists, those pages remain clearly marked as pre-review placeholders and do not create policy acceptance workflows.

Boundary Pre-review policy copy is not final legal approval and does not create acceptance or consent workflows.