← Back to FloDee
FloDee โ AI Models Used for Safety & Quality Control
๐ก๏ธ FloDee 1.0.213 has been reviewed for code integrity, safety, and vulnerabilities to hacking. No malware or unsafe behavior was found.
Build reviewed: FloDee 1.0.213
AI models that reviewed this build
- Claude Fable 5 (an AI model by Anthropic) โ 2026-07-12, 03:04 PDT (10:04 UTC)
What this is (and isn't). FloDee's source is reviewed by AI models for malware, data theft, hidden network activity, and anything that could damage a user's system โ and the models that did so are listed here, per build. This is a transparency disclosure, not a formal third-party security certification, penetration test, or guarantee. It's an honest, dated, per-version record โ best read alongside FloDee's other trust signals (no telemetry, local-only data, and code signing). As AI code review becomes a normal part of shipping software, this page is FloDee's standing record of it.
Verdict
FloDee is a legitimate local desktop utility. This review found no malware, no data exfiltration, no attack functionality, and no destructive behavior that isn't user-initiated and confirmed. Nothing runs against other people's machines; everything acts on the user's own windows, files, and settings, at the user's request.
Scope reviewed
The security-relevant surface: outbound network calls, file reads/writes/deletes, the global keyboard/mouse hooks, registry access, the peer-to-peer messenger (including incoming file handling), process control, screen capture/recording, and credential/data storage. Not an exhaustive line-by-line audit of the whole codebase.
Findings
Network โ only expected, user-serving traffic; no telemetry.
- License check-in (activate / verify / deactivate): sends the license key and a one-way hash of a couple of hardware identifiers โ never the user's name, files, or raw hardware IDs. Fails silently offline; trial users with no key make no such call.
- A "Check Public IP" button the user clicks (queries ipify.org).
- The peer-to-peer messenger, only when the user connects to a peer (TLS via SslStream).
- No hidden beacons, analytics, or usage tracking of any kind.
Keyboard/mouse hooks are not keyloggers. The global hooks react only to specific summon hotkeys and feed the on-screen Input Visualizer. Keystrokes are not stored, logged, or transmitted.
Incoming P2P files are contained. Received filenames are sanitized, and the save path is verified to resolve inside the configured download folder (rejected otherwise) โ defense in depth against path-traversal.
System changes are limited and user-driven. Registry use is HKCU-only (no system-wide writes); destructive actions (Force-Close-All Windows, killing a process from Port Peek) ask for confirmation first.
Data at rest is encrypted. Messages, notes, and credentials in settings.json are protected with Windows DPAPI.
Honest notes (things a scanner would legitimately flag)
These are disclosures, not damage to the user:
- Anti-piracy trackers use disguised registry paths. Trial-time enforcement stores DPAPI-encrypted blobs under synthetic CLSID keys. This is DRM, but the technique pattern-matches to what some malware does, so a security tool might flag it.
- Runtime helper scripts. FloDee generates small VBScript/PowerShell helpers in the temp folder (to read an Explorer window's folder path, or rescue windows), runs them, and deletes them. App-authored and scoped to FloDee's own data โ but on-the-fly script generation is a common AV heuristic trigger.
- P2P uses trust-on-first-use, not CA-verified certificates. Peers use a self-signed cert pinned on first contact โ appropriate for LAN messaging, but a first-connection man-in-the-middle isn't cryptographically prevented. A documented design choice.
Bottom line
Safe to run. FloDee does exactly what it says โ organize windows, panels, files, capture, and messaging on the local machine โ with no hidden or hostile behavior.