What the Mac app does

After install, the InPolicy Mac app runs in the background as a menu-bar agent. It has no Dock icon, no main window, and no intrusive prompts. This page walks through what it actually does while it’s running.

The app places a shield icon (⎙) in your menu bar. The icon’s state tells you what’s happening:

Green checkmark overlay — Authenticated, detection running.
Slashed shield — Not authenticated or missing permissions. Click for details.
Grayed out — Paused (user toggled pause).

Click the icon to open a short menu with the current status, a pause toggle, a clipboard-check action, update-check, about, and quit.

Text detection

The app observes text in the currently focused field of the currently focused app using macOS’s Accessibility API (AXObserver). When you type:

The app captures your typing after a 400ms idle pause (debouncing rapid keystrokes).
It sends the current field’s text to the InPolicy backend for violation analysis.
If violations are found, a floating overlay panel appears near the field, non-activating (it won’t steal your keyboard focus).
The panel shows each violation with severity, the matched text, and — when the policy’s enforcement is set to “Fix” — a suggested rewrite.

The overlay auto-dismisses if you:

Click outside it.
Move focus to a different field.
Close the app you were typing in.

Which apps are monitored

By default, every native macOS app except:

Password managers and Keychain-related apps (hardcoded deny list).
Any bundle IDs on your org’s disabledAppsManaged list (see Managed preferences).

The app works in:

Mail, Messages, Notes, TextEdit, Safari (as a fallback — the browser extension is preferred for Chrome).
Slack, Discord, Teams (native apps).
Notion, Linear, Todoist (native apps).
Any Electron app (they expose standard AX APIs).
Any native Swift/AppKit app.

It will not work in:

Virtual machines (the guest OS’s text is invisible to the host).
Remote desktop sessions (same reason).
Apps running inside a sandboxed container that hides AX metadata.

What the overlay shows

For each violation, the overlay panel shows:

Policy name — e.g. “Customer data may not be sent to personal email.”
Severity badge — color-coded (red/orange/yellow).
Matched text — what you typed that triggered the match.
Apply fix button — if the policy has a “Fix” enforcement, shows a suggested replacement. Click to apply it in place. (⚠ Write-back via Accessibility is pending — see “What it doesn’t do yet” below.)
Dismiss — hides this overlay for 30 days for this exact match.
Feedback — send 👍 or 👎 to help train the model.

Multiple violations in the same field stack in a single overlay.

What it sends over the network

Only the text in the field you’re actively editing, sent to your tenant’s backend API over HTTPS. The app:

Does not read clipboard contents except when you explicitly trigger Check clipboard now from the menu.
Does not read text from other apps, other windows, or other fields.
Does not capture screenshots, audio, or video.
Does not log keystrokes.

Text sent for detection is processed and discarded — the backend does not retain it.

Analytics events

The app emits anonymous, tenant-scoped events to your org’s analytics dashboard:

app_installed — one event per install.
session_active — heartbeat every ~5 minutes while running.
violation_flagged — one per detected violation, includes policy ID and severity, no content.
violation_accepted — when the user clicks Apply fix.
violation_dismissed — when the user dismisses the overlay without acting.
violation_self_resolved — when the violation disappears (because the user edited the text) without them clicking anything in the overlay.

Every event is tenant-scoped. No user-identifiable metadata is attached. See Analytics privacy for the full model.

Clipboard check

From the menu bar, Check clipboard now runs a one-off detection on whatever’s currently on the clipboard. Useful for:

Paste-heavy workflows where you want to check before pasting.
Content you’re about to send in a messaging app the Mac app doesn’t cover.

The clipboard is read only when you trigger this action — never ambient.

Pause

From the menu bar, toggle Pause detection to stop all scanning until you toggle it back on. Useful for:

Brainstorming sessions where you don’t want interruptions.
Typing demo content that’s intentionally policy-violating.
Troubleshooting (“is InPolicy making this app slow?”).

Pause persists across restarts — if you quit and relaunch while paused, it stays paused. Click Resume detection to re-enable.

Offline behavior

When the backend is unreachable:

Detection pauses silently. No error popups.
The app queues a small amount of event telemetry to flush when connectivity returns.
A cached list of active policies is used for simple pre-filtering — the app can discard obviously-benign text locally without a round-trip — but actual AI-based detection requires the backend.

Once connectivity returns, detection resumes on your next keystroke in a monitored field.

What it doesn’t do (yet)

Apply Fix write-back — the overlay shows the suggested fix, but the in-place replacement via Accessibility write is pending in a future release. For now, the button copies the suggestion to your clipboard.
Inline underline overlays — the browser extension draws underlines under matched text; the Mac app shows a floating panel instead. Inline underlines on the Mac are a planned enhancement.
Windows support — the Windows app shares the same detection core (Rust) and is the next platform planned.

Quitting

Click the menu bar icon → Quit. The app confirms, then exits cleanly. It will auto-start on next login unless you’ve disabled autoStartAtLogin in Managed Preferences or removed the Login Item.

Install for an individual — setup for unmanaged Macs
Deploy via MDM — zero-touch deployment
Managed preferences — configuration reference