-
Notifications
You must be signed in to change notification settings - Fork 0
Known Limitations
Marty McEnroe edited this page May 22, 2026
·
1 revision
Clio does not claim to do what it does not do. This page lists the most relevant boundaries.
- Not a scraper for other users' content. Clio reads conversations rendered in the active tab. The user must be logged in and viewing their own conversation. Clio does not enumerate, harvest, or batch-collect conversations the user is not actively viewing in a Clio 1.x release.
- Not a circumvention tool. Clio does not bypass rate limits, paywalls, authentication, or terms of service. It captures what the user is already authorized to see.
- Not an export pipeline for the LLM provider. The provider's terms govern what the user can do with their own conversation data. Clio assumes the user is exercising portability rights, not redistributing third-party content.
- Not a legal evidentiary record. The extracted JSON is unsigned and untimestamped. See Provenance and Auditability for what Clio does and does not claim about audit fidelity.
- Not a substitute for the provider's privacy controls. Clio's local copy does not affect the conversation's status on Google's, Anthropic's, or OpenAI's servers.
-
No batch enumeration. Clio extracts one conversation at a time, the one the user is looking at. Bulk extraction across an account is on the roadmap for Clio 2.0 (epic labels:
epic:sidebar-harvest,epic:full-extraction). -
No long-term storage in the extension. No IndexedDB, no
chrome.storageuse in the current release. Each extraction is a fresh ZIP file. - DOM-dependent. Provider UI changes can break extraction until selectors are updated. The repository's lessons-learned and ADR docs reflect this maintenance cost. The trade-off is preserving the rendered view's fidelity (see Provenance and Auditability).
-
Cross-origin images may fail to download. Clio fails open for images: errors are logged in
metadata.extractionErrorsand the run continues. The text is the primary artifact.
Open issues are visible in the repo. Bugs are labeled bug; pre-launch quality work is labeled chrome-web-store and launch-blocker where applicable.
- Functional or quality issue: file an issue using the bug-report template
- Security issue: see SECURITY.md for the private reporting channel — do not file publicly
- User Data Sovereignty — the framing that defines the project's scope
- SECURITY.md — security-out-of-scope items in formal language
- PRIVACY.md — the user-facing privacy commitments
Three Pillars (CIA)
- Privacy Architecture — Confidentiality
- Provenance and Auditability — Integrity
- Availability and Denial of Access — Availability
Topics
Source docs