flowstay
skill
Fail
Health Pass
- License — License: Apache-2.0
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Community trust — 14 GitHub stars
Code Fail
- rm -rf — Recursive force deletion command in build_app.sh
- rm -rf — Recursive force deletion command in create_release.sh
Permissions Pass
- Permissions — No dangerous permissions requested
Purpose
Flowstay is a macOS menu bar application that provides system-wide voice transcription with auto-paste functionality, allowing users to dictate text across any application. It supports various AI backends for transcription processing and text manipulation.
Security Assessment
The application requires microphone access (expected for a transcription tool) and accessibility permissions (for system-wide keyboard shortcuts). It makes network requests when configured with cloud-based AI providers like OpenRouter or when using the local Claude Code CLI integration. No hardcoded secrets were detected in the scanned code.
Two shell scripts (`build_app.sh` and `create_release.sh`) contain `rm -rf` recursive force deletion commands. These are located in build and release automation scripts rather than the core application runtime, which is common for cleanup steps during compilation. However, the use of `rm -rf` always warrants caution—ensure these scripts handle paths safely and are not invoked with user-controlled inputs.
No dangerous OS-level permissions beyond the expected microphone and accessibility access were found. The Claude Code integration relies on your existing local CLI authentication rather than requiring separate API keys.
Overall risk rating: Medium. The accessibility access and `rm -rf` in build scripts contribute to a slightly elevated risk profile, though no malicious behavior is indicated.
Quality Assessment
The project is actively maintained with a recent last push. It carries the permissive Apache-2.0 license and includes a clear description. With 14 GitHub stars, it is a small but visible project. The README is well-documented with build instructions, troubleshooting guidance, and transparent permission disclosures.
Verdict
Use with caution — the tool is well-structured and transparent, but review the build scripts containing `rm -rf` before executing them, and be aware of the broad accessibility access required for core functionality.
Flowstay is a macOS menu bar application that provides system-wide voice transcription with auto-paste functionality, allowing users to dictate text across any application. It supports various AI backends for transcription processing and text manipulation.
Security Assessment
The application requires microphone access (expected for a transcription tool) and accessibility permissions (for system-wide keyboard shortcuts). It makes network requests when configured with cloud-based AI providers like OpenRouter or when using the local Claude Code CLI integration. No hardcoded secrets were detected in the scanned code.
Two shell scripts (`build_app.sh` and `create_release.sh`) contain `rm -rf` recursive force deletion commands. These are located in build and release automation scripts rather than the core application runtime, which is common for cleanup steps during compilation. However, the use of `rm -rf` always warrants caution—ensure these scripts handle paths safely and are not invoked with user-controlled inputs.
No dangerous OS-level permissions beyond the expected microphone and accessibility access were found. The Claude Code integration relies on your existing local CLI authentication rather than requiring separate API keys.
Overall risk rating: Medium. The accessibility access and `rm -rf` in build scripts contribute to a slightly elevated risk profile, though no malicious behavior is indicated.
Quality Assessment
The project is actively maintained with a recent last push. It carries the permissive Apache-2.0 license and includes a clear description. With 14 GitHub stars, it is a small but visible project. The README is well-documented with build instructions, troubleshooting guidance, and transparent permission disclosures.
Verdict
Use with caution — the tool is well-structured and transparent, but review the build scripts containing `rm -rf` before executing them, and be aware of the broad accessibility access required for core functionality.
Flowstay is a MacOS app that allows instant transcription across all your apps with auto-paste. Stay in your flow state. 2x faster typing with your voice.
README.md
Flowstay
Flowstay is a macOS menu bar app for fast transcription with smart workflows, running on FluidAudio.
Screenshots
Menu Bar Ready State
Transcribed State
Personas Settings
Requirements
- macOS 15+
- Xcode 15+ (or Swift 6.2 toolchain)
Build
swift build -c release
Run
./build_app.sh
open /Applications/Flowstay.app
Tests
swift test
Permissions
Flowstay requires:
- Microphone access
- Accessibility access (for system-wide shortcuts)
Keyboard Shortcuts
- Toggle transcription shortcut defaults to
Option+Space, and you can customize it in Settings. - Hold-to-talk input is configurable in Settings:
Function keymode usesFn.Alternative shortcutmode uses a separate hold-to-talk shortcut you choose.
- Hotkey behavior modes:
Toggle: Uses the toggle shortcut to start/stop.Hold: Uses your selected hold input mode as press-to-talk.Both: Toggle shortcut for toggle, selected hold input mode for hold-to-talk.
- Shortcut settings persist across app relaunches using macOS
UserDefaults.
AI Providers
Flowstay personas support:
- Apple Intelligence (on-device, macOS 26+)
- OpenRouter (cloud, OAuth connection)
- Claude Code (local CLI integration)
Claude Code + Pro/Max subscriptions
When you pick Claude Code (experimental) in Settings, Flowstay invokes your locally installed claude CLI.
- If Claude Code is logged in with your Claude account, usage follows that Claude plan (including Pro/Max limits).
- If Claude Code is configured with
ANTHROPIC_API_KEY, usage is billed against Anthropic API credits instead. - Flowstay uses Claude Code CLI auth for this provider (not Agent SDK API-key auth), so users can keep their existing Claude subscription session.
- You can choose the Claude model (
haiku,sonnet,opus) in Personas settings. Strict rewritemode disables tools and enforces structured rewrite output; it is best-effort and can still fail on some prompts.Assistant (experimental)can answer requests directly instead of just rewriting transcript text.- Setup: install Claude Code, then run
claude loginin Terminal.
Troubleshooting
- If the app fails to start, check Console.app for crashes referencing NSWindow collection behavior.
- If transcription fails, verify microphone permission and model download status.
License
Apache-2.0. See LICENSE and NOTICE.
Reviews (0)
Sign in to leave a review.
Leave a reviewNo results found