Security Whitepaper
Architecture, data flows, local storage, and network boundaries across GetWebP's web converter, Chrome extension, CLI, MCP server, and WordPress plugin.
This document explains how GetWebP handles image bytes, local state, and network traffic across the web converter, Chrome extension, CLI, MCP server, and WordPress plugin.
It is based on the shipped code and documentation in this repository as reviewed on April 23, 2026. It is intentionally specific about scope: this whitepaper separates the image-processing data plane from the website, licensing, and account control plane. It is also intentionally conservative about implementation detail: the goal is to document stable security properties, not transient internal wiring.
Executive Summary#
- Image conversion is local across every GetWebP product. There is no GetWebP-operated upload endpoint for image bytes.
- "Your bytes never leave your device" applies to the image-processing data plane. It does not mean the marketing site, dashboard, or license system are zero-network services.
- The converter products do not ship analytics, telemetry, or crash-reporting SDKs.
- License activation, status checks, silent renewals, and account operations do generate network traffic, but that traffic is control-plane metadata rather than image content.
- The WordPress plugin runs on the customer's server, not in the end user's browser. For that product, "local" means "inside your own infrastructure."
- The Chrome extension may fetch the source image from its original website when you invoke conversion on a remote page, but it does not relay that image to GetWebP.
Scope and Terminology#
This whitepaper covers:
- Where image conversion executes
- Which product surfaces can make outbound network requests
- What is stored locally
- What data GetWebP does and does not receive
- Product-specific security boundaries and residual risks
This whitepaper does not claim:
- That your own device, browser, WordPress host, CDN, or object storage is secure by default
- That local execution eliminates all decoder, browser, or operating-system vulnerabilities
- That the marketing site and dashboard are "offline" or "zero logging"
- To provide legal advice; compliance implications depend on your deployment and jurisdiction
Security Boundary: Data Plane vs. Control Plane#
The key design decision in GetWebP is the separation between the image-processing path and the product-control path.
| Plane | Includes | Sent to GetWebP-operated services? | Notes |
|---|---|---|---|
| Data plane | Input image bytes, decoded pixels, intermediate buffers, output files, image metadata handled during conversion | No | This is the path people usually mean when they ask whether GetWebP "uploads images." |
| Control plane | License keys, signed tokens, device identifiers or hashes, domain/site identifiers, account cookies, OTP login requests, contact-form data | Yes, when the relevant feature is used | This traffic is limited to licensing, account, billing, support, and website operations. |
If a statement in this document says "no upload" or "local-only," it refers to the data plane unless stated otherwise.
Product Matrix#
| Product | Where conversion runs | Do image bytes go to GetWebP? | Control-plane network surface |
|---|---|---|---|
| Web converter / PWA | In the browser tab on the user's machine | No | Initial site asset load, optional auth/dashboard traffic, cookie and privacy-preference flows |
| Chrome extension | In the browser extension context using bundled code and browser APIs | No | Optional license activation and renewal; welcome-page open on install |
| CLI | In the local OS runtime on the user's machine | No | License activation, status, logout, and heartbeat |
| MCP server | In the local MCP host process using the same core as the CLI | No | Same license surface as the CLI because it reuses the CLI credential store |
| WordPress plugin | In the customer's WordPress / PHP runtime on the customer's server | No | Optional license activation, verification, deactivation, and scheduled re-checks |
Web Converter and PWA#
The web converter runs inside the user's browser and uses the local conversion engine directly. There is no server-side image-processing hop in the normal conversion flow.
What this means in practice:
- Image files selected in the converter are processed in-browser.
- The Progressive Web App can work offline after its assets have been cached locally.
- There is no image-upload endpoint to GetWebP for browser conversion.
- Cookie consent and minimal website preferences are stored locally in the browser.
Important boundary:
- The website itself is still a normal website. The repo contains cookie consent flows, OTP-based auth/dashboard flows, and privacy/GDPR pages that explicitly describe website-operation data such as IP address, browser information, page visits, and necessary security logging.
- Those website operations are separate from image conversion. They do not imply that image bytes are uploaded, but they do mean the site is not a "zero-network" property in the absolute sense.
Chrome Extension#
The Chrome extension uses Manifest V3 and ships its conversion logic inside the extension package. It does not fetch remote code at runtime for conversion.
Permission surface#
| Permission | Why it exists |
|---|---|
contextMenus | Add right-click conversion actions |
activeTab | Act on the page the user is currently using |
scripting | Inject page-specific helpers when needed |
downloads | Save converted files |
storage | Persist preferences and license state |
sidePanel | Render the main extension UI |
offscreen | Handle offscreen browser tasks used by the extension flow |
notifications | Show user-visible status notifications |
alarms | Drive background license-renewal checks |
| Broad host permissions | Read and fetch the image the user explicitly acts on from the page or origin the user chose |
Equally important are the permissions the extension does not request: no browsing history, no bookmarks, and no password-manager permissions.
Local state#
The extension stores user preferences and local license state in browser-managed extension storage. For paid use, this includes the signed local license token, the local license credential needed for renewal, and renewal-warning state used by the background alarm flow.
Pro status is derived from the signed token rather than a plain stored boolean. That reduces the risk of trivial local flag tampering.
Network behavior#
Two different network cases matter:
-
Source-image fetches from the original site When the user right-clicks an image on a webpage, the extension may fetch that image from its original origin so the browser can read the bytes locally. That is browser-to-origin traffic, not an upload to GetWebP.
-
License control plane If the user activates or renews a paid license, the extension calls the GetWebP license service and stores the returned signed token locally.
So the strong claim is:
- The extension makes zero GetWebP conversion uploads.
- It does not make zero network requests in every possible extension workflow.
CLI and MCP Server#
The CLI is the clearest local-only deployment model in the product line: it reads files from disk, converts them in memory, and writes outputs back to disk.
CLI guarantees#
The CLI security document and shared facts for the repo make the following guarantees explicit:
- Image bytes are never uploaded
- File names, directory paths, and folder structure stay local
- Conversion settings are not reported to a server
- No analytics, telemetry, or crash-reporting SDKs are present
- Day-to-day conversion works offline after activation
CLI control plane#
The CLI does contact the GetWebP license service for:
- activation
- status
- logout / device unbind
- a lightweight heartbeat used for license-state checks
That traffic is license-related metadata only. It is not image content.
Device identity and local storage#
The CLI binds a Pro license to a device using a one-way hash of a machine identifier. It stores its local license state in an encrypted config file and verifies the license token offline using an embedded public key.
MCP server boundary#
The MCP server is not a cloud API. It is a local stdio server that imports the same conversion core used by the CLI. In practical terms:
- the LLM client talks to a local MCP process
- the MCP process converts files on the same machine
- the MCP server reuses the CLI credential store for licensing
- its network surface is therefore the same control plane as the CLI, not a separate image-upload service
WordPress Plugin#
The WordPress plugin has a different execution model from the browser and CLI products, so its boundary needs to be stated precisely.
Where processing happens#
The plugin processes images inside the customer's own WordPress / PHP environment. That means:
- GetWebP does not receive the site's image bytes
- conversion is local to the site's own infrastructure
- image data may still appear in the site's own logs, backups, object storage, CDN, or hosting stack depending on how the site is configured
This is still a strong privacy property with respect to GetWebP, but it is not the same thing as "only in the user's browser."
License and verification behavior#
The plugin calls the GetWebP license service for:
- activation
- deactivation
- verification
- info retrieval
It also schedules a daily verification check. If the network is unreachable, the code grants a short grace period before downgrading the local license state.
Local storage#
The plugin stores its local license state in encrypted form in WordPress options. It does not store the key in plaintext by default.
Additional network nuance#
The plugin may issue self-directed requests to inspect server-rewrite behavior on the customer's own site. Those probes are operational checks against the site itself, not uploads to GetWebP.
Data GetWebP Does Not Collect for Conversion#
Across the product line, the documented and code-backed anti-facts are:
- no image uploads to GetWebP-operated services
- no conversion telemetry
- no analytics SDKs inside the converter products
- no crash-reporting SDKs inside the converter products
- no per-conversion reporting of filenames, paths, file sizes, or settings from the CLI / MCP flow
This is why the security model is best described as structural: the products avoid creating a server-side image-retention problem in the first place.
Data That May Still Be Processed#
GetWebP does process some non-image data when the relevant features are used.
| Category | Examples | When it appears |
|---|---|---|
| Licensing | license key, signed token, device hash, domain / site identifier | Pro activation, renewal, status, logout, WordPress verification |
| Website operations | IP address, browser/device info, page visits, cookie preferences | Visiting getwebp.com and using the website |
| Account and dashboard | email, OTP login requests, auth cookies, license-management actions | Using the dashboard or billing/account flows |
| Support | name, email, message body | Contacting support through forms or email |
None of those categories are image uploads, but they are still part of the broader service footprint and must be accounted for honestly.
Compliance Posture#
GetWebP's architecture materially simplifies privacy review for image content because image bytes do not traverse a GetWebP-controlled processing backend.
The strongest accurate compliance statement is:
- For local image processing, GetWebP acts as software provider rather than remote processor of the image content.
- For website, licensing, account, and billing flows, GetWebP still operates normal web-service surfaces that process limited operational and account data.
So the correct enterprise reading is not "GetWebP processes no data at all." It is:
- "GetWebP does not process your image content on its own servers."
That distinction matters for GDPR, CCPA, procurement review, and internal security questionnaires.
Integrity and Hardening Notes#
Several integrity properties are product-specific:
- Chrome extension: Manifest V3 package, bundled runtime code, extension CSP declared in the manifest
- CLI: SHA-256 checksum workflow for releases and offline signature verification of license tokens
- MCP server: local stdio execution and direct import of the CLI core rather than delegation to a hosted image API
- WordPress plugin: encrypted storage for the license key and privilege checks around admin actions
This whitepaper intentionally does not make stronger claims than the repo supports. For example, it does not claim formal third-party audits, SOC 2 coverage, or universal website CSP hardening where the implementation evidence is not present here.
Residual Risks and Non-Goals#
No local-first design removes every risk. The important residual risks are:
- Compromised endpoint: if the user's browser, desktop, or WordPress host is compromised, local processing does not protect against local theft.
- Decoder vulnerabilities: WebAssembly and browser sandboxing reduce exposure, but they do not eliminate the possibility of image-parsing bugs.
- Third-party origin visibility: the Chrome extension may fetch a source image from the site that already hosts it; that origin can still observe the request.
- Customer infrastructure copies: WordPress hosting stacks may create backups, logs, or cached copies outside GetWebP's control.
- Normal website threat model: dashboard auth, cookies, billing, and support remain standard web-service surfaces and should be reviewed as such.
Disclosure and Related Documentation#
Security reports: security@getwebp.com
Related documents: