Ground truth

What Bolt and Aeira actually do

Straight answers to the questions and objections that come up most, with what is shipped today, what is still staged, and where Bolt is honestly not the right tool. If a capability is not on this page, do not assume we have it.

The one thing no one else does

We do not claim to beat every specialist tool at its single specialty. We claim something narrower and true: no other product unifies all of the following in one governed, self-hostable surface.

Offline daily driverA real desktop launcher with local utilities, clipboard, notes, screenshot OCR and visual search, and local file search, useful before any model is called.
Device plus SaaS, unifiedFirst-party context on your machine and third-party enterprise systems in one place an agent can act on.
Governance that survives a swapMasking, approvals, audit, and identity stay the same when you change the model or the backend.
Extensible by configurationOpen MCP plus a few lines of YAML brings almost any system or format in, without waiting on a vendor roadmap.

Copilot has the Office surface but not sovereignty or model choice. Enterprise search tools have retrieval but not the local daily driver or governed action. Local-file tools have device context but no governance, no enterprise reach, no audit. Sovereign model platforms have the infrastructure but not the end-user workspace. Each owns a slice. Bolt and Aeira own the unification, and the unification is the point.

Runs on your laptop, works offline

This is the part external writeups miss most, because these features live inside the app and were under-described in public copy. They are shipped and generally available today. You can verify the offline claim by turning off Wi-Fi and watching local tasks keep working.

CapabilityStatusWhat it does
Overlay launcher Cmd/Ctrl+Shift+KGANon-disruptive overlay on top of your focused app; the daily entry point.
80+ instant offline utilitiesGAJSON/YAML/SQL, base64/hex, hashes, JWT, regex, timestamps and time zones, currency and unit conversion, UUIDs, color, and more, with no LLM call and no network.
Clipboard historyGACaptures copied text, images, and files into a searchable, pinnable history, stored encrypted on your device.
Notes and image annotationGADevice-local rich notes (formatting, lists, checklists, tables, links) with full-text search, encrypted at rest. Mark up screenshots and images (arrows, text, redaction) and keep or share the result. See secure sharing below.
Browser extension and live contextGAA Chrome extension (side panel, omnibox) brings the current tab and selection to Bolt. In the launcher, pull your screen, selection, current tab, clipboard, or an on-device OCR of what is on screen into a prompt as first-class context. The sensitive ones are masked at the boundary before any model sees them.
Timers, reminders, and snippetsGALocal timers, reminders, notifications, and text snippets with expansion, so the launcher stays the daily driver for small tasks too.
Screenshot capture and OCRGAOn-device optical character recognition makes the text inside screenshots and images searchable.
Screenshot visual searchGA, opt-inSearch screenshots by visual meaning with an on-device image model, downloaded once on your explicit opt-in.
Local file searchGAIndexes and searches your own file locations by name and content, with exclusions you control.
Desktop agentGAWith your permission, browse local files, run terminal commands, and open applications, sandboxed and permission-controlled.
On-device voice inputOpt-inSpeak to the launcher: the microphone is captured and transcribed entirely on-device with Whisper, so audio never leaves the machine. It adopts a local Whisper model if present, otherwise offers a one-time download. Currently an opt-in Labs experiment in builds that include it, not on by default.
On-device encrypted storageGAClipboard, notes, and indexes live in an encrypted local database; an embedded database ships in the app, so no external database is required for the desktop build.

Encrypted at rest, everywhere. Clipboard history, notes, and screenshot indexes are stored in a whole-database-encrypted local store, with the encryption key derived on-device and file-permission locked. Connector and OAuth tokens are held in a separate AES-256-GCM vault. Nothing local sits in plaintext.

Precise note on search: screenshot visual search uses an on-device image model. General document retrieval in Bolt is keyword and entity based; Aeira is the dedicated plane for enterprise document search.

Depth: it does not just recognize, it validates and protects

The local surface is not a handful of toys. It is deep, and much of it is security you get for free on every paste, offline.

CapabilityStatusWhat it does
Offline knowledge catalogGATens of thousands of reference entries answer instantly with no network: currency, country and airport codes, time zones, HTTP status codes, ports, MIME types, ICD-10, Unix exit codes, chmod bits, ASCII, and more.
Security scan on every pasteGALocal scan for hidden and dangerous characters (bidirectional and zero-width, the Trojan-Source class), homograph and confusable look-alike attacks, and leaked secrets (cloud keys, tokens, private keys), before anything is sent anywhere.
Identifier validationGAValidates pasted identifiers with real check-digit math, offline: Luhn, IBAN, ISO 7064, Verhoeff (Aadhaar), plus 17+ national validators (NHS, CPF/CNPJ, MyNumber, and more). Catches look-alikes that pass a naive regex.
Structural shape recognitionGARecognizes hundreds of value shapes on sight: git SHAs, UUIDs with mint time, semver, MAC and IP/CIDR, crypto addresses, CVE/GHSA/CVSS, DOI/arXiv/PMID, tickers, and roughly 50 regional government IDs.
PII masking at the model boundaryGAEmails, phones, cards, secrets, and more are masked before any prompt reaches a model, and restored in the response, from an authoritative server-side catalog. Optional pluggable NER (name, address, org) for deeper detection.
Redact before you paste outGAA one-motion redact so sensitive values are stripped locally before you copy anything into an outside tool.
Screen-share-safe modeGAOne toggle widens on-screen masking to an extended tier (email, phone, and more) so nothing identifying is painted while you screen-share or demo; secrets and marked-sensitive values stay hidden regardless. (Automatic meeting detection is staged; the manual toggle is live.)
Cross-surface search operatorsGAGmail-grade operators (from:, to:, is:unread, has:attachment, before:/after:, assignee:, due:) parsed locally and applied across email, calendar, tasks, files, people, and clips at once, not just one keyword-matched folder.

Secure sharing, on your own storage

When you do need to share a note or an annotated screenshot, Bolt turns it into an expiring, revocable link, and the file lives on storage you control, not on Sparcle.

  • The bytes never touch Sparcle. Bolt encrypts every file on your device before it is stored, then mints an expiring capability link. Storage is your own cloud drive (Google Drive, OneDrive, or Dropbox, connected automatically) or, for teams, your organization's own S3 or MinIO bucket.
  • You keep the controls. Set an expiry (one hour to never), require a password, limit downloads, restrict to your organization, and revoke access at any time, with a per-open audit trail. The encryption keys and the revoke control stay with you.
  • Annotate first, locally. Mark up a screenshot or image with arrows, text, and redaction, then share the result.

Individuals share through their own connected drive automatically; a central team deployment adds server-enforced org-only access, passwords, download limits, per-open audit, and instant revoke on top. Either way, nothing is stored on Sparcle infrastructure.

A governed terminal, and the agents you bring

Bolt is also a power surface, and the governance follows it there.

CapabilityStatusWhat it does
Policy-governed terminalGAA real terminal and tmux inside the launcher. Every command that Bolt itself injects (a saved recipe, a tmux send, an agent action) crosses a native policy chokepoint where admins allow or deny by rule, and the whole capability can be turned off by policy for regulated orgs. What you type by hand is never governed. (The confirm-before-destructive dialog is staged; deny and catastrophic-command enforcement are live.)
Bring your own coding agentGARun Devin, Claude Code, Codex, or Gemini locally on your workspace through the open Agent Client Protocol, under the same approvals and audit, so you are not locked to one vendor's agent. (Bolt hosts the agent locally; deeper server-side orchestration is staged.)
Password and secret vaultGASearch across your connected vaults (1Password, Bitwarden, Apple Keychain, Windows Credentials) and copy a password, username, or TOTP in one keystroke, locally. Revealing a corporate or shared secret is policy-gated and audited; personal vaults stay ungoverned. Generates strong passwords on demand.

Productive without burning tokens

The "AI is too expensive" objection is answered by an engine, not a dashboard. Before the agent loop runs, a lightweight classifier decides whether the query even needs a model: knowledge, greeting, and meta questions skip the model and tool-loading entirely, and most everyday queries resolve on the instant local engines with no model call at all. When a model is genuinely needed, Bolt caches the stable prompt prefix for a large discount and enforces a token budget, and because you bring your own key there is zero token markup. The PII masking still runs on the classifier path, so cost discipline never costs you the privacy guarantee.

Healthcare, finance, and defense, without a code release

Regulation and vertical rules are not hard-coded. They ship as swappable, signed packs, so a new jurisdiction or industry is a data change, not a software update. This is how one product serves regulated verticals honestly.

  • 28 packs ship in the box, including healthcare, finance, defense, and legal cores, plus jurisdiction privacy packs: GDPR, UK GDPR, CCPA, LGPD, DPDP (India), PIPL (China), APPI (Japan), PIPA (Korea), PDPA (Singapore and Thailand), Australia Privacy, PIPEDA and Quebec Law 25, POPIA, NDPA, KVKK, PDPL, FADP, and more.
  • An enabled pack masks or blocks its sensitive patterns at the model boundary, and validates national IDs with real check-digit math, so look-alikes are caught, not just regex-matched.
  • Packs install offline as signed bundles. New regulation reaches an air-gapped deployment without a software update.
  • Cryptographic erasure and evidence export support GDPR and HIPAA right-to-be-forgotten obligations, with an offline-verifiable audit proof.
  • You can author your own pack in a short YAML manifest. Multi-jurisdiction is stacking packs.

Honest scope: the packs deliver defensible safeguards, masking, and evidence. They are not a consent manager and do not by themselves issue a compliance certification; pair them with your DPO or counsel. Automated DSR request-intake is staged; the erasure cascade and evidence export are live today.

Your device and your SaaS, one surface

The same launcher that does the local work reaches outward. Your first-party context (local files, clipboard, notes, terminal, other machines you own, reachable by phone-to-desktop bridge and multi-machine routing) and your third-party systems (email, calendar, Slack, Jira, Salesforce, ServiceNow, SAP, and 100+ more via the open Model Context Protocol) sit together, so an agent can act across both under one set of rules. This is what removes the "two AI worlds" problem, where people keep a cloud assistant for work systems and separate local tools for their own machine.

No lock-in, and governance that outlives your model

Lock-in in enterprise AI usually happens at several layers. Bolt refuses every one.

  • Model layer. Bring your own LLM at every tier: OpenAI, Anthropic, Amazon Bedrock, Google Vertex, Ollama, NVIDIA NIM, LM Studio, or any OpenAI-compatible endpoint. Hot-swappable, zero token markup, you pay your provider directly.
  • Ecosystem layer. You are not tied to one vendor's suite. Bolt sits above Microsoft 365, Google Workspace, Zoho, Slack, Jira, Salesforce, ServiceNow, SAP, and more, and works with any OIDC identity. Copilot is welded to Microsoft and Gemini to Google; Bolt is welded to no one, so mixing or changing suites does not change Bolt.
  • Protocol layer. Integrations ride the open MCP standard, not a proprietary plugin marketplace. Bring your own MCP servers.
  • Deployment layer. Self-host anywhere, including air-gapped. No dependency on a Sparcle-operated cloud.
  • Agent layer. Bring any ACP coding agent (Devin, Claude Code, Codex, Gemini) and run it locally under the same approvals and audit. You are not locked to one vendor's agent any more than one vendor's model.

The differentiator most competitors cannot match: your governance is defined once and survives the swap. PII masking, human approvals, audit, and identity-aware access attach to the boundary, not to a particular model or vendor. Change the model, change the backend, even move from a frontier API to a local model in an air-gapped room, and the same masking, approvals, and audit chain apply. You do not re-run compliance because you changed a model. A cloud AI assistant cannot offer this, because its governance is its cloud.

Bring anything into Bolt

The honest boundaries below are narrow because Bolt is built to be extended, not replaced, when you need something it does not ship. The practical answer to most "does Bolt do X?" questions is: if X has an API or an MCP server, yes, by configuration, usually in minutes, and under your governance.

  • If it speaks MCP, it plugs in. Point Bolt at any MCP-compliant server and its tools become governed actions the agent can take.
  • If it has an API, you can wrap it. A short YAML utility manifest turns an external API or internal system into a first-class Bolt action.
  • If it is a data format, Bolt probably already knows it, and if not, you teach it in a few lines of the same manifest.

The shape of a user utility: a recognize block matches the input, a transform pipeline shapes and routes it, locally or to any MCP tool.

utility: acme-ticket
recognize:
  - pattern: "ACME-\\d+"          # matches ACME-1234 anywhere you type or paste
    read_as: "Acme ticket id"
transform:
  pipe:
    - mcp: acme.get_ticket         # call your own MCP server
    - pick: [id, title, status, owner]
    - table                        # render a clean result in the launcher

That is the whole idea: you are not waiting on our roadmap to reach your systems.

One app replaces a stack, and shrinks the attack surface

Because the daily surface is broad and local, one governed app absorbs what is usually a drawer of single-purpose tools:

  • Utilities and dev tools: clipboard manager, snippet expander, JSON/YAML/SQL formatter, regex tester, base64/hash/JWT tools, timezone and currency converters, UUID and password generators, QR maker, color tools.
  • Local knowledge and files: screenshot-OCR search, local file search, a notes and annotation app, and a reference catalog (ports, HTTP codes, ICD-10, and more).
  • Secure workflow: password-vault access, secure file sharing with expiry and revoke, image annotation, and a terminal.
  • Work systems and AI: enterprise search, a cross-system agent, and an AI chat client, all under one identity and one audit trail.

That is easily two dozen point tools folded into one surface you deploy and govern once, with fewer licenses, fewer vendors, and fewer places your data can leak.

On risk, we quantify honestly. Every point tool Bolt retires and every task it keeps local is attack surface removed and one less place data can leak. The size of that problem is real and third-party documented (see the evidence below), but we will not quote a made-up risk-reduction percentage. The honest, concrete number is the consolidation itself: one governed surface instead of two dozen ungoverned ones.

The problem we remove, and why it is expensive

The offline surface matters because the single biggest AI risk in the enterprise is people pasting sensitive data into public chatbots because it is fast. Every task Bolt absorbs locally is a leak that never happens. The pain is documented by independent researchers (figures below are attributed to their publishers, not our own measurement):

FindingSource
Employees routinely paste into public GenAI tools, much of it through unmanaged personal accounts, many times a day, and a meaningful share of those pastes contain PII or regulated data.LayerX Enterprise AI/SaaS Security Report; Verizon DBIR coverage
A significant share of files uploaded to GenAI and of text pasted into it contains PII or payment data.Cloud Security Alliance; LayerX
Shadow AI adds roughly $670,000 to the average breach, and most breached organizations had no AI governance policy.IBM Cost of a Data Breach 2025
The EU AI Act carries penalties up to 35 million euros or 7 percent of global turnover, with high-risk obligations enforceable from August 2026.EU Regulation 2024/1689

Bolt is the structural antidote: the fast, sanctioned, local alternative for the everyday reformat, decode, compute, validate, and redact tasks, so the reason to paste into an outside tool goes away, while masking, approvals, and audit govern the times a model genuinely is needed. That is data locality delivered as daily productivity, not as a policy nobody follows.

When Bolt is not the right tool

Credibility depends on saying where we stop. Bolt is not, and does not pretend to be:

Not thisWhat to use instead
Inline network security (secure web gateway, forward proxy, CASB, firewall)Keep your proxy. Bolt governs what your workforce does with AI; it does not sit inline on your network. It complements your proxy.
Endpoint security, antivirus, or EDRRun your EDR alongside Bolt. Bolt is not a threat-detection or malware-defense agent.
GPU or MLOps infrastructure (scheduling, fine-tuning, model serving)Pair Bolt with your serving stack (for example NVIDIA NIM or vLLM). Bolt brings your model; it does not run the model farm.
In-document Office co-authoringIf your entire AI value is inside Word or Excel and cloud AI is acceptable, a native Office assistant fits that specific need. Bolt is an overlay plus connectors, not an AI in the ribbon.
A system of recordBolt acts across your systems; it does not replace your database, CRM, or ticketing system.

Where we are early rather than unsuitable, we say so: public reference logos at Fortune-500 scale and multi-year connector-maintenance SLAs are things a pre-scale company earns over time. That is real, and it is a reason some conservative buyers wait. It is not a capability gap. Note the shape of the list above: the genuine non-fits are inline network security, endpoint security, ML infrastructure, in-document Office authoring, and being a system of record. Almost everything else people ask for is reachable by configuration.

Full FAQ

Does Bolt work offline, and is it really useful before the AI fires?

Yes. Bolt opens as a desktop launcher and does 80+ instant utilities (JSON, base64, hashes, JWT, regex, time zones, currency, and more), clipboard history, notes, screenshot OCR, and local file search with no model call and no network. The launcher earns its keep before any AI cost starts. You can verify by turning off Wi-Fi and watching local tasks keep working.

Does Bolt have clipboard history?

Yes. Bolt captures copied text, images, and files into a searchable, pinnable clipboard history, stored encrypted on your device.

Can Bolt search my screenshots and local files?

Yes. On-device OCR makes the text inside screenshots and images searchable, and an opt-in on-device image model adds visual search. Bolt also indexes and searches your own file locations (for example Home, Desktop, Documents, Downloads) by name and content, with exclusions you control.

Does Bolt keep notes, and can I annotate images?

Yes to both. Bolt has device-local rich notes (formatting, lists, checklists, tables, links) with full-text search, encrypted at rest. You can also mark up screenshots and images with arrows, text, and redaction, then keep or securely share the result.

Can I share files and notes securely, and where are they stored?

Yes. Bolt turns a note or an annotated screenshot into an expiring, revocable link. Every file is encrypted on your device before it is stored, and the storage is yours: your own cloud drive (Google Drive, OneDrive, Dropbox) or, for teams, your organization's own S3 or MinIO bucket. The bytes never touch Sparcle. You control expiry (one hour to never), password, download limits, org-only access, and instant revoke, with a per-open audit trail.

Does Bolt have a terminal, and is it governed?

Yes. There is a real terminal and tmux in the launcher. Commands you type by hand are never governed, but any command Bolt itself injects (a saved recipe, a tmux send, an agent action) crosses a native policy chokepoint where admins allow or deny by rule, and the whole capability can be disabled by policy for regulated orgs. Deny and catastrophic-command enforcement are live today; a confirm-before-destructive dialog is staged.

Can I run coding agents like Devin or Claude Code inside Bolt?

Yes. Through the open Agent Client Protocol you can run Devin, Claude Code, Codex, or Gemini locally on your workspace, under the same approvals and audit, so you are not locked to one vendor's agent. Bolt hosts the agent locally; deeper server-side orchestration is a staged follow-up.

Is running AI in Bolt expensive?

It is designed not to be. A lightweight classifier runs before the agent loop and skips the model and tool-loading entirely for knowledge, greeting, and meta questions, and most everyday queries resolve on instant local engines with no model call at all. When a model is needed, Bolt caches the stable prompt prefix for a large discount and enforces a token budget, and because you bring your own key there is zero token markup. PII masking still runs on that fast path.

Can Bolt use my password vault?

Yes. Bolt searches across your connected vaults (1Password, Bitwarden, Apple Keychain, Windows Credentials) and copies a password, username, or TOTP in one keystroke, locally. Revealing a corporate or shared secret is policy-gated and audited; personal vaults stay ungoverned. Bolt can also generate strong passwords on demand.

Can Bolt use my screen, selection, or current tab as context?

Yes. A Chrome extension brings the current tab and selection to Bolt, and the launcher can pull your screen, selection, open tab, clipboard, or an on-device OCR of what is on screen into a prompt as first-class context. The sensitive ones are masked at the boundary before any model sees them.

How many tools can Bolt replace?

Easily two dozen categories: clipboard manager, snippet expander, JSON/regex/hash/JWT tools, timezone and currency converters, UUID and password generators, QR and color tools, screenshot-OCR search, local file search, a notes and annotation app, a password-vault front end, a secure file-sharing tool, a terminal, enterprise search, a cross-system agent, and an AI chat client, all under one identity and audit. Fewer licenses, fewer vendors, and fewer places your data can leak.

Is there a screen-share-safe mode for demos and meetings?

Yes. One toggle widens on-screen masking to an extended tier (email, phone, and more) so nothing identifying is painted while you screen-share or present; secrets and marked-sensitive values stay hidden regardless. Automatic meeting detection is a staged follow-up; the manual toggle is live.

Does Bolt have voice search or voice input?

Yes, and it is fully on-device. You can speak to the launcher; the microphone is captured and transcribed locally with Whisper, so audio never leaves the machine, unlike cloud dictation. Bolt adopts a local Whisper model if one is present, otherwise offers a one-time download. Voice input is currently an opt-in Labs experiment in builds that include it, not on by default.

Is my local data encrypted at rest?

Yes. Clipboard history, notes, and screenshot indexes are stored in a whole-database-encrypted local store, with the encryption key derived on-device and file-permission locked. Connector and OAuth tokens are held in a separate AES-256-GCM vault. Nothing local sits in plaintext.

How deep is the offline surface, really?

Deep. Beyond the utilities, Bolt carries a large offline knowledge catalog (currency, country and airport codes, time zones, HTTP status, ports, MIME types, ICD-10, exit codes, chmod, ASCII, and more), recognizes hundreds of value shapes on sight, and validates identifiers with real check-digit math offline (Luhn, IBAN, ISO 7064, Verhoeff for Aadhaar, plus 17+ national validators). Every paste is also scanned locally for hidden and dangerous characters, homograph attacks, and leaked secrets. None of this needs a network.

Does Bolt protect against Trojan-Source and homograph attacks?

Yes, offline, on every paste. Bolt flags hidden bidirectional and zero-width characters (the Trojan-Source class), homograph and confusable look-alikes, and leaked secrets such as cloud keys and private keys, before the content goes anywhere.

How does Bolt serve regulated industries like healthcare, finance, and defense?

Through swappable, signed compliance and vertical packs. 28 ship in the box, including healthcare, finance, defense, and legal cores plus jurisdiction privacy packs (GDPR, UK GDPR, CCPA, LGPD, DPDP, PIPL, APPI, PIPA, PDPA, POPIA, and more). An enabled pack masks or blocks its sensitive patterns at the model boundary and validates national IDs with real check-digit math. Packs install offline as signed bundles, so new regulation reaches an air-gapped deployment without a software update, and you can author your own pack in a short YAML manifest.

Can I add a new country or regulation myself, air-gapped?

Yes. A regulation pack is a short signed YAML manifest (jurisdiction, residency, retention, rights, safeguards, recognizers). You, a partner, or your counsel can author and sign one, and it installs offline with a review-and-consent step. Multi-jurisdiction is stacking packs.

Is my data sent to Sparcle?

No. Sparcle operates no cloud that receives your data and has no hosted ingest path. Local device data (clipboard, notes, screenshot indexes) is stored encrypted on your machine. When you connect a third-party system such as Gmail or Jira, Bolt talks to that system's API as you configured it; that is action on your systems, not exfiltration to a vendor. PII is masked before any prompt reaches a model.

Can I use my own LLM, and can I switch models later?

Yes at every tier. Point Bolt at OpenAI, Anthropic, Bedrock, Vertex, Ollama, NVIDIA NIM, LM Studio, or any OpenAI-compatible endpoint. Models are hot-swappable with zero token markup; you pay your provider directly. Bolt also auto-detects and adopts a local OpenAI-compatible runtime if one is already running on your machine.

If I switch models or backends, do I lose governance or have to re-run compliance?

No. PII masking, human approvals, audit, and identity-aware access attach to the boundary, above a swappable provider layer. Change the model, change the backend, or move to an air-gapped local model, and the same governance applies. You do not re-run compliance because you changed a model.

Do you support [our system]?

Almost certainly, by configuration. If it speaks MCP, point Bolt at the server and its tools become governed actions. If it has an API, a short YAML utility manifest turns it into a first-class Bolt action. Bolt ships 100+ integrations today (103 in-house connectors, roughly 350 more via Airbyte, plus any MCP-compliant server), and you can add your own without waiting on our roadmap.

How hard is it to add a new integration or format?

A few lines of YAML. A utility manifest has a recognize block that matches the input and a transform pipeline that shapes and routes it, locally or to any MCP tool. No fork, no vendor ticket.

Is there vendor lock-in?

No, at several layers. Model: bring and swap any LLM. Ecosystem: not tied to one vendor's suite, Bolt works across Microsoft 365, Google Workspace, Zoho, Slack, Jira, Salesforce, ServiceNow, SAP, and more via open MCP, with any OIDC identity. Protocol: open MCP, not a proprietary plugin marketplace. Deployment: self-host anywhere including air-gapped, with no dependency on a Sparcle cloud. Agent: bring any ACP coding agent.

Am I locked into Microsoft or Google if I use Bolt?

No. That is the point. Copilot is welded to Microsoft 365 and Gemini to Google Workspace; Bolt sits above whatever suite you run and connects to Microsoft 365, Google Workspace, Zoho, Slack, Jira, Salesforce, ServiceNow, SAP, and more through the open Model Context Protocol, with any OIDC identity. If you run a mix of suites, or change one later, Bolt does not change. You get the cross-ecosystem reach a single-vendor assistant cannot offer.

Is Bolt just enterprise search? Do I have to pay for parts I will not use?

No. Bolt is a daily-driver workspace that people open for local utilities, clipboard, notes, and search from day one, then use for governed action across connected systems. Aeira is the separate ACL-aware document-retrieval plane; you can run Bolt without it, or add it when you need governed enterprise search.

Is Bolt a network proxy, firewall, CASB, or antivirus?

No. Bolt is not an inline network device and not endpoint security. It governs what your workforce does with AI. Keep your proxy and your EDR; Bolt complements them.

Does Bolt run, fine-tune, or serve models on GPUs?

No. Bolt is the governed workspace, not ML infrastructure. You bring your model, and you or your serving stack (for example NVIDIA NIM or vLLM) run it. If your primary need is a model farm, pair Bolt with that infrastructure.

Is local model inference fully on-device today?

Partly. Bolt auto-detects and adopts a local OpenAI-compatible runtime and masks PII unconditionally at the boundary; that is generally available. The fully on-device generation loop is a committed next slice, and we do not claim it is finished.

Does Bolt work inside Word and Excel like an Office assistant?

No. Bolt is an overlay plus connectors, not an AI embedded in the Office ribbon. If your entire AI value is in-document and cloud AI is acceptable, a native Office assistant fits that specific need. Bolt fits when you need sovereignty, model choice, cross-system action, and a governed local surface.

Can I deploy air-gapped?

Yes. Docker Compose for staging, Kubernetes for production HA, on-prem, or fully air-gapped for ITAR and classified environments. License validation uses an offline-signed token, with no outbound calls.

What does it cost, and is there a free tier?

The full desktop build is free on your own machine with your own API key. Paid self-hosted tiers start at $30/seat/month (10-seat minimum). Founding customers get 25% off any tier, locked for 24 months, through the end of 2026 or until 50 customers sign.

Do you have Fortune-500 reference logos today?

Public reference logos at that scale are something a pre-scale company earns over time, and many of our target buyers are in environments where references are contractually restricted. If your procurement requires named public references before any purchase, that is a fair reason to wait. It is a stage limitation, not a capability gap.

How do I verify the data-locality claims myself?

Install the free desktop build, turn off Wi-Fi, and confirm local utilities, clipboard, notes, and file search keep working. For the enterprise deployment, everything runs inside your perimeter, so your own network monitoring is the proof. Request a pilot or an architecture review to run this end to end.