This is an experimental local-first setup exploring safer family-friendly chat patterns.
It combines a lightweight browser UI, local Ollama models, profile-based prompt and response filtering, and encrypted local conversation memory. This repo is not a certified child-safety product, not a guarantee, and not ready to market as a parental safety solution. It is a first step toward that goal, meant for local experiments, and open to contributions from people who want to test ideas, improve guardrails, or stress-test the current approach.
- What exists today
- Windows installation
- macOS / Linux installation
- Defaults
- Architecture
- Local config notes
- Known limits / what's missing
- Good first contributions
- Contributing
- License
- Windows note
- local web UI served by a small Python server
- local Ollama-backed chat model
- moderation pass on both the user prompt and the assistant reply
- a stricter
child-12profile with age-appropriate prompting and extra keyword screening - encrypted LangGraph short-term memory stored in local SQLite
- separate persisted threads for each device profile and conversation
- a chat model selector across Llama-family options with rough local memory guidance
Install uv:
powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"Install Ollama:
irm https://ollama.com/install.ps1 | iexAfter cloning the repo, run Setup Family Chat.cmd once.
Use the .cmd launchers rather than running the .ps1 files directly. The .cmd wrappers already call PowerShell with -ExecutionPolicy Bypass, which avoids the default Windows script-policy prompt for this local launcher flow.
What the setup script does:
- creates
.envfrom.env.exampleif needed - generates a local
LANGGRAPH_AES_KEYif the env file still has a placeholder - runs
uv sync - starts Ollama if it is not already running
- pulls the configured chat and guard models from
.env
The sample .env.example sets:
FAMILY_CHAT_ADMIN_PIN=4251That means the adult profile is enabled by default after setup. If you want a different PIN, edit .env after running setup and change FAMILY_CHAT_ADMIN_PIN. If you want model pulls to require the same PIN, also set FAMILY_CHAT_MODEL_PULL_REQUIRES_PIN=1.
After setup, open Open Family Chat.cmd.
What the open script does:
- starts Ollama in the background if needed
- starts the Family Chat Python server in the background if needed
- opens the browser to the local app
If you want it to start automatically after Windows login, run Enable Family Chat Auto Start.cmd once. That installs a per-user Startup launcher so nobody needs to manually run ollama serve or python -m family_chat.server.
The Windows scripts live in scripts/windows.
makeif your system does not already include it
Install uv on macOS or Linux:
curl -LsSf https://astral.sh/uv/install.sh | shInstall Ollama on macOS or Linux:
curl -fsSL https://ollama.com/install.sh | shmake setupThat creates .env from .env.example if needed, runs uv sync, and generates a local LANGGRAPH_AES_KEY when the sample placeholder is still present.
The sample .env.example sets:
FAMILY_CHAT_ADMIN_PIN=4251Change that in .env if you want a different adult PIN, or clear it if you want the adult profile disabled.
If you want to see the UI and safety flow without pulling models first:
make mockOpen http://127.0.0.1:8080.
Start Ollama in one terminal:
ollama servePull the configured models:
make modelsThen run the app:
make runOpen http://127.0.0.1:8080.
make test- The server binds to
127.0.0.1by default. - The sample env keeps the setup local and leaves LAN exposure as an explicit opt-in.
- The sample env sets
FAMILY_CHAT_ADMIN_PIN=4251, which enables theadultprofile by default. - Change the PIN in your local
.env, or clear it there if you want theadultprofile disabled. - Model-pull PIN protection only turns on when both
FAMILY_CHAT_ADMIN_PINandFAMILY_CHAT_MODEL_PULL_REQUIRES_PIN=1are set.
The browser never talks directly to Ollama.
Browser -> Family Chat server -> safety gate -> LangGraph memory lookup -> chat model -> safety gate -> LangGraph memory save
Why that matters:
- the child profile cannot bypass moderation from the UI alone
- age-based policy lives outside the base model
- blocked child prompts and blocked replies are never written into memory
- each install keeps its own isolated local memory
- you can swap in a larger chat model later without changing the safety flow
The sample .env.example covers the main local knobs:
LANGGRAPH_AES_KEYmust be exactly 16, 24, or 32 bytes longFAMILY_CHAT_DEVICE_MEMBERfixes the identity for this installFAMILY_CHAT_ADMIN_PIN=4251enables theadultprofile by default in the sample config- change
FAMILY_CHAT_ADMIN_PINin your local.envto use a different PIN FAMILY_CHAT_MODEL_PULL_REQUIRES_PIN=1makes model pulls use that same adult PIN
Privacy note:
- SQLite memory contents are encrypted
- copying only the database file should not expose chat contents
- copying both the database and the local
.envfile can still expose the contents - OS-level secure secret storage is still future work
- The guardrails are still basic. They combine prompting, a guard model, and manual keyword rules, but they have not been deeply red-teamed yet.
- The admin PIN is intentionally lightweight. It is a convenience control, not a tamper-proof parental control system.
- The local setup is still technical. It is better suited to makers and developers than to average parents today.
- Child safety coverage is incomplete. This should not be presented as a comprehensive or certified protection layer.
- High-risk topics still need more nuanced handling and better refusal flows.
- The current evaluation story is thin. More adversarial tests, multilingual cases, and edge-case safety checks are needed.
- add stronger safety and jailbreak tests
- add more age profiles and safer refusal patterns
- improve admin gating and parent-only controls
- package a smoother Windows install path
- tighten the UI copy and setup guidance
- improve documentation around threat model and limitations
Ideas, issues, and pull requests are welcome. If you want to help, start with CONTRIBUTING.md. Recent project history is tracked in CHANGELOG.md.
This project is available under the MIT License.
This started as a macOS-first experiment, but the longer-term target is a Windows-friendly setup for local home use. If you want to help with packaging, startup scripts, or installer ergonomics, that is a high-value contribution area.