|
Minipilot was a project I developed as a solo hacker (competing mostly against teams of 8-10 hackers) in the 2025 Global Microsoft Intern Hackathon under the Building Trustworthy and Secure Systems theme, ultimately winning the 2nd place award. A huge thanks to the Microsoft Intern Hackathon & Celebration Week team for hosting a great event. |
Minipilot is a local-first code assistant that achieves maximum possible privacy by ensuring your codebase never leaves your machine. Unlike cloud-based alternatives, Minipilot provides intelligent code assistance while maintaining complete data sovereignty. It is the privacy-first alternative to Github Copilot, Cursor, and other AI code assistants.
Traditional code assistants like Github Copilot and Cursor require uploading your entire codebase to their servers for processing:
- Cursor's Architecture (in Privacy Mode): Uploads your full codebase → generates embeddings on their servers → deletes your code but retains embeddings → performs semantic search over the vectorized embeddings → retrieves relevant code chunks and sends to LLM → when session is over, embeddings are deleted
- Github Copilot: Not public, but likely similar and certainly requires a fully upload of codebase to some server, even if temporary, and continuously streams code context to Github's servers for real-time suggestions
- The Upshot - Privacy Risks: Your intellectual property passes through third-party infrastructure, creating potential security and compliance issues, regardless of whether or not these providers retain your data.
Minipilot achieves the theoretical minimum for LLM context sharing - only the semantically relevant code chunks needed to answer your specific query:
Your Machine (Private) Cloud (Minimal Exposure)
┌─────────────────────┐ ┌──────────────────────┐
│ Full Codebase │ │ Only: Query + │
│ ↓ │ → │ Relevant Chunks │
│ Local Embeddings │ │ (Few hundred lines │
│ ↓ │ │ at most) │
│ Semantic Search │ │ │
│ ↓ │ │ LLM Provider │
│ Minimal Context │ │ (OpenAI GPT-4o) │
└─────────────────────┘ └──────────────────────┘
- Local Processing: All embeddings, indexing, and semantic search happen on your machine
- Minimal Exposure: Only query + relevant code chunks (typically <1% of your codebase) reach the LLM
- No Persistence: No embeddings or code stored on external servers
- Complete Control: You decide what gets shared, when, and with whom
| Solution | Codebase Upload | Server-Side Processing | Data Retention | Privacy Level |
|---|---|---|---|---|
| Github Copilot | Yes - Full upload | Yes - Cloud processing | Only temporarily with privacy policy | Requires user to trust provider |
| Cursor | Yes - Full upload | Yes - Cloud processing | Only temporarily in privacy Mode | Requires user to trust provider |
| Minipilot | No - Never uploaded | No - Local only | No data is EVER in the hands of a third party until the LLM query. Not even temporarily. | The user IS the provider. No third party is ever involved in indexing. User's codebase is NEVER sent to any server for embedding. |
Below is a demo of Minipilot running on the repository for Full Stack at Brown's website, which is a static, Astro-based site.
demoOnFsab.2.mp4
- Local Embeddings: Uses
instructor-xlmodel for code understanding (runs entirely offline) - Vector Database: ChromaDB for fast semantic search of your code
- Intelligent Chunking: Context-aware code segmentation with overlap handling
- Merkle Tree Change Detection: Efficient incremental updates using cryptographic hashing
- Web Interface: Clean localhost interface for querying your codebase
- Indexing: Scans your codebase and creates local embeddings
- Query Processing: When you ask a question, embeds your query locally
- Semantic Search: Finds most relevant code chunks using vector similarity
- Minimal Context: Sends only your query + relevant chunks to LLM
- Response: Gets answer back without exposing your full codebase
# setup
git clone https://github.com/b3nkang/minipilot.git
cd minipilot
pip install -r requirements.txt
# add API key
echo "OPENAI_API_KEY=your_key_here" > .env
# start minipilot
python start_web.pyThe web interface will open automatically. Your codebase gets indexed locally, and you can start asking questions immediately.
- Enterprise Development: Keep proprietary code completely private
- Security-Sensitive Projects: Maintain compliance with data governance policies
- Open Source with Privacy: Get AI assistance without exposing internal implementations
- Learning & Exploration: Understand large codebases without sending everything to the cloud
- Code Documentation: Generate explanations using only relevant context
- Maximum Privacy: Your code never leaves your machine
- Fast Search: Sub-second semantic search across large codebases
- Smart Context: Only sends relevant code chunks to LLM
- Web Interface: Clean, responsive interface for easy querying
- Incremental Updates: Efficient change detection and reindexing
- Keyword Boosting: Enhanced search results with intelligent ranking
- Multi-Codebase: Easy switching between different projects
- Compliance-Ready: No data leaves your infrastructure
- Cost-Effective: Only pay for actual LLM usage, not storage/processing
- Offline-Capable: Semantic search works without internet
- Customizable: Full control over indexing, chunking, and search parameters
- Transparent: Open source architecture you can audit and modify
Minipilot represents a new paradigm: intelligent code assistance without privacy compromise. By keeping all processing local and minimizing cloud exposure, it proves that you don't need to sacrifice privacy for powerful AI-driven development tools.
As data privacy becomes increasingly critical in software development, Minipilot's architecture offers a sustainable path forward - one where developers can leverage the power of large language models while maintaining as much control as possible over their intellectual property.