Yeah I think point is very fair, the reason we host it on a proxy server was that we wanted to enable first time users to be able to use it without putting in an API key, the only way we could think of doing that without exposing the key was to host the tool on our own server. We looked to a tool like Cursor that users might be okay with that.
I the think the feedback is very fair that when an API key is present that all the calls should happen locally, and that is something I will take as an action item on us to improve.
I think that's another really good point, it was the first time we have open sourced a project or a library so I wasn't really sure how to best position it with the license. The reason I opted for AGPL was mainly because of the worry that someone bigger could come along and take what we've built and we'd kinda be stuck without an option.
If you'll humour me for a second, just for my own knowledge, I would love to learn a bit more about how you think about the license when deciding whether to use a tool like this or not?
AGPL still means someone can take what you've built and you'd be stuck "without an option(?)". Do you have a lawyer on retainer to pursue copyright claims? If no, and you don't want people to use your stuff, keep it closed source.
