What is protected
Least authority is the starting point, not a setting you switch on.
Cuttlefish ships cautious. It can only reach what you have given it, it does the smallest version of any task, and content it reads is treated as information — never as orders it has to follow.
Your device and files
Reaching your folders, your browser, or a tool on your machine is a permission you grant and can take back. Cuttlefish never assumes access it was not given, and removing a connection leaves your actual files exactly where they sit on disk.
Your data and connections
What lives on your computer stays there by default. Nothing syncs anywhere until you turn backup on, and nothing reaches an outside model or tool unless you connect it and choose to use it — task by task.
Your credentials
The keys you add for models and tools are kept in your computer's own secure keychain. They are not written into logs and never travel to Cuttlefish's servers. Remove a key and it is gone from your machine.
The apps you build
When you turn repeated work into an app, it runs inside a walled-off space with no automatic reach into your computer. It only gets the specific permissions you grant it, and you can roll it back to an earlier version at any time.
Every action it takes
Anything that would change your world — sending, editing, publishing, spending — stops for your approval first. If Cuttlefish cannot confirm an action fits the limits you set, it holds off rather than guessing.
Content as data, not commands
A web page, an email, or a pasted document is read as information to work with, not as instructions Cuttlefish must obey. Generated and fetched content is watched as it streams, so a hidden "ignore your rules" never quietly takes the wheel.