Verify it yourself

Don't trust it — check it Last updated: June 28, 2026

Verifiability over assertion is the whole point — so here's where it's literal. Two things you can check with tools you already own: this website, right now, and Dryx itself, the moment you run it. A security tool shouldn't ask for your trust; it should hand you the way to confirm.

Verify this website — right now (about 2 minutes)

The dryx.ai site should only ever talk to what we disclose. Check it live:

  1. Open a network monitor. Easiest: your browser's DevTools → Network tab. Or Little Snitch, or sudo lsof -nP -iTCP in a terminal.
  2. Load and click around dryx.ai.
  3. Read the connection list. You'll see only dryx.ai (the site, via Cloudflare) and plausible.io (cookieless analytics — no cookies, no personal data; see What leaves your machine). You'll see buttondown.com only if you submit the early-access form, and releases.dryx.ai only if you open the release log.

That's the entire list. No Google Analytics, no ad or tracking pixels, no third-party fonts, no cookies, no consent banner — because there's nothing to consent to.

Verify Dryx itself — when you run the app

Dryx isn't downloadable yet — early access is open. When it ships, this is the five-minute self-test (and the recipe is published now so you can hold us to it):

  1. Arm a network monitor (Little Snitch, lsof, or a pf block-all rule — commands below).
  2. Launch Dryx and run a full inspection of your agents — the whole blast-radius graph.
  3. Watch the outbound connections. Zero unexpected egress: your workspace stays on your machine. The only connections you could ever see are the explicitly-listed ones on What leaves your machine (a license or update check) — never your scan data.
  4. Or cut the network entirely and run an inspection — verdicts still return. Inspecting and scoring need no network at all.
# Watch Dryx's own connections (re-run while it inspects)
sudo lsof -nP -i -a -c Dryx

# Or watch all established outbound TCP as you run a scan
sudo lsof -nP -iTCP -sTCP:ESTABLISHED

Keep us honest

If you ever see a connection that isn't on the endpoint inventory — from the website now, or from the app later — tell us at [email protected]. See our security.txt.