FAQ / threat model (short):

- No backend: no accounts, no analytics, no server-side storage. Data stays on the device.

- Not a bypass: it only shows usage status + alerts + reset timers.

- Storage: credentials/tokens/keys are stored in iOS Keychain.

- Integrations:

  • API-key providers use API keys.

  • Dashboard-only providers use a user session (embedded login or user-provided session token) to fetch the same usage info visible in the dashboard.

- No MITM, no proxying traffic through any servers (it's local!). If a provider changes their dashboard/endpoints, that connector can break until updated.