Problem
When users configure their AI provider API keys through the settings UI, there is no indication that the key will be transmitted to and processed by the server. This is the expected architecture — the server needs the key to call AI APIs on behalf of the user.
However, OpenMAIC instances can be deployed as public services by anyone. Users who discover these instances (e.g. via search engines) may not understand that entering their API key grants the instance operator full access to that key. This differs from platforms like ChatGPT where users authenticate against the official provider directly.
Proposal
Add a brief security notice near the API key input field in provider settings. Something like:
⚠️ Your API key will be sent to the server hosting this instance. Only enter your key if you trust the operator of this deployment.
This should be:
- Visible but not intrusive (e.g. a small info tooltip or muted text below the input)
- Localized (zh-CN / en at minimum)
- Shown for all provider types that accept user-supplied keys
Context
This is an inherent limitation of the proxy architecture, shared by all similar projects (ChatGPT-Next-Web, LobeChat, etc.). It cannot be "fixed" technically — but user awareness can be improved significantly with a simple UI change.
No API or behavior changes needed. This is purely a UX/security-awareness improvement.
That said, attackers can easily revert it.