TabTasker - Zero servers. Total privacy. Your new favorite toolbox.

@caglar_su "Every time I needed to format some JSON, [...] I had to paste my data into a random website." - hahaha, literally story of my life. Sounds like an amazing thing!

@caglar_su This is a genuinely smart approach to the privacy problem. Running everything locally removes the entire trust equation, which beats any promise about data handling. The free model makes sense too—no server costs means no incentive to monetize user data, which is usually where things go sideways.

@ansari_adin Hi Ansari,

Thank you for asking this. It is a really valid question.

You do not just have to take our word for it when we say TabTasker is offline and private. It is actually very easy to verify it yourself. If you open the site and check the Network tab in your browser's Inspect tool, you will see exactly what is happening. There is no communication with outside servers while you work (it only downloads the related tool if required), and we do not even have a backend to leak data to.

We tested it ourselves multiple times. Every single tool is just a static page running directly on your device. You might notice Local JS Service Workers in the Network tab, but those run entirely inside your browser. Ultimately, the very best verification is just testing it out on your own machine.

The trade-off for this strict privacy is that we have absolutely no way to track errors or see if something fails on your end. Because we cannot monitor bugs automatically, we put a feedback button on every page. We are completely relying on the community to let us know if they run into any unexpected issues.

@anand_thakkar1 Hey Anand, great question.

Transcription runs Whisper (whisper-tiny) compiled to ONNX, executed in-browser via Transformers.js on ONNX Runtime Web. It uses WebGPU when available (fp16) and falls back to WASM automatically. Not the native Web Speech API, since that streams audio to vendor servers on some browsers and breaks the "nothing leaves your tab" promise.

On FFmpeg, we actually pulled ffmpeg.wasm out for exactly the reasons you mentioned.

Net result: no backend, no server hop, audio never makes a network trip. The trust boundary is the browser tab.

@jannnnn Absolutely, that’s exactly the idea. You shouldn’t have to share your data with multiple random tools just to get simple tasks done. Keeping everything in one trusted toolbox makes the workflow much safer and easier.

@nithin_raju1 Thank you for your kind comment.

@alpertayfurr Thank you for your kind comment. We completely agree with you.

Hi, @thamibenjelloun 

From what we can tell, the PDF to podcast, PDF editor, Image background remover and Local LLM are definitely the crowd favorites right now. Because everything runs strictly locally on your device for privacy, we actually can't see any deep usage details, and honestly, we are totally thrilled about that :)

@thekrew 

This is a sharp framing, and the procurement angle especially lands. The thing people underrate about local-first is that it does not just protect data, it deletes an entire approval step. There is no DPA to sign, no vendor security review, no "where does our data actually go" thread with IT, because the answer is nowhere, it stays in the tab. Same thing you saw at Tuple: the blocker is rarely the feature, it is the procurement cycle wrapped around the feature.

Your "saved myself from a real mistake" point is the one I want to sit with, because I think you are right that it is a different cluster of tools than the convenient ones. Convert, compress, merge are the convenience moments. The mistake-prevention moments are redact, EXIF and metadata stripping, and password strength. Redact is the clearest. The classic disaster is a PDF with black boxes drawn over text that is still selectable underneath, which is how plenty of organizations have leaked names over the years. Ours rasterizes the affected pages and destroys the text layer, and it refuses to produce a file at all if that step fails rather than handing you a falsely redacted document. That is squarely an "you almost shipped a real mistake" tool.

The hard part with instrumenting it is that the saved-myself moment is invisible by design. The user never sees the GPS coordinates they did not leak or the SSN that did not get copied out, so you cannot measure the feeling directly. The proxy is probably retention by tool: whether people who land on redact or metadata strip come back at a different rate than people who run a one-off convert. That is the cut worth measuring, and it would genuinely reshape what we lead with in copy. Appreciate you naming it this precisely.

@vladsf415 

Thank you, that’s a great question.

For workspaces, we do not currently support cross-platform sharing because there is no export functionality. However, for workflows, we have implemented a share link button.

Here’s how it works: we hash the entire flow into the URL. When someone opens that URL, it resolves automatically and restores the workflow state, allowing them to access it as intended.

Since many people bookmark these kinds of tools anyway, this approach helps keep the workflow state always fresh.

I hope this answers your question.