Skip to content
Pinchy

Philosophy

Security + Ease

Section titled “Security + Ease”

Most self-hosted AI tools force a choice: either it’s easy and you give up control, or it’s secure and you need a DevOps team to run it.

Pinchy rejects that trade-off. We believe enterprise-grade security should feel light. Safe doesn’t have to mean scary. Powerful doesn’t have to mean complicated.

Smart Defaults, Full Control

Section titled “Smart Defaults, Full Control”

Pinchy should work the moment you start it. No config files to write, no environment variables to research, no setup guides to read first.

  • Everything has a sensible default. Agents work out of the box. Permissions, models, personality — all pre-configured.
  • Templates over blank slates. Instead of staring at an empty prompt, pick a personality preset. Professional Assistant, Friendly Helper, Technical Expert — choose one and go. Customize later if you want.
  • Progressive disclosure. The simple path is always visible. Advanced options are there when you need them, hidden when you don’t.
  • Zero-config setup. docker compose up and you’re running.

The goal: you should be productive in minutes, not hours. And when you’re ready for more control, everything is customizable.

Agents Are Personalities

Section titled “Agents Are Personalities”

Pinchy agents aren’t generic chatbots. They have names, characters, and distinct behaviors. The default agent — Smithers — is competent, polite, and occasionally dry.

This matters because people interact differently with a personality than with a tool. A named agent with a consistent character builds trust, makes the experience memorable, and gives your team something to relate to.

You can use our curated personality templates or build your own. Either way, every agent in Pinchy feels like someone, not something.

Your Server, Your Data

Section titled “Your Server, Your Data”

Every piece of data — conversations, API keys, documents, audit logs — stays on your infrastructure. There is no cloud component, no telemetry, no phone-home.

API keys are encrypted at rest. The audit trail is cryptographically signed and immutable. Role-based access control is built in, not bolted on.

We don’t just claim to care about data sovereignty. The architecture enforces it.

Open Source, Open Development

Section titled “Open Source, Open Development”

Pinchy is AGPL-3.0 licensed and built in public. You can read every line of code, audit the security model, and contribute improvements.

We write about what we build, why we build it, and what we learn along the way — on our blog and in our changelog.