IT Policy & Network Egress
Last updated: 4 May 2026 · Version 0.1 · Operated by MeliUX Ltd. For the broader trust posture see /trust.
1. Network egress endpoints
AllAddin connects outbound only. There are no inbound listeners on the user's machine, no peer-to-peer traffic, and no auto-discovery. All traffic is HTTPS over TCP/443.
| Endpoint | Protocol / port | Purpose |
|---|---|---|
| revitclaw-production.up.railway.app | HTTPS / 443 | Backend API. AllAddin sends the request envelope (intent + structured context, no model contents -- see /trust §1) and receives generated code + execution outcome. |
| alladdin.dev | HTTPS / 443 | Marketing + docs site, version-check endpoint, signed installer download. Hit on first launch and once per day for update polling. |
| www.gstatic.com, fonts.gstatic.com | HTTPS / 443 | System fonts the panel uses if the local font cache is missing. Optional -- works without if blocked. |
| sentry.io (or your firm's self-hosted Sentry) | HTTPS / 443 | Error monitoring. send_default_pii=False; only stack traces + request metadata. Disabled by setting SENTRY_DSN="" in %APPDATA%\AllAddin\config.ini if your firm prefers no telemetry. AllAddin works fully without Sentry. |
What AllAddin does NOT contact: third-party AI providers directly (Anthropic / OpenAI / Mistral). All AI calls route through the AllAddin backend; the user's machine never establishes a direct connection to a third-party model provider. That's a deliberate architecture choice -- keeps the API keys out of every user's machine, keeps the audit log centralized, keeps your firm's network exposure to a single allow-listed host.
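One way for an IT team to check observed traffic against the table above, as an added example (not MeliUX's code): the script classifies proxy CONNECT lines as required, optional or unexpected. The log format, sample lines, process name and the subdomain match for sentry.io are assumptions made for illustration.

```python
"""Audit observed AllAddin egress against the endpoint table in section 1."""

# Hosts and port taken from the table above.
REQUIRED = {"revitclaw-production.up.railway.app", "alladdin.dev"}
OPTIONAL = {"www.gstatic.com", "fonts.gstatic.com", "sentry.io"}
# Assumption: a Sentry DSN may point at a subdomain of sentry.io, so that one
# entry is matched on a DNS label boundary; every other host must match exactly.
SUFFIX_OK = {"sentry.io"}
ALLOWED_PORT = 443

# Constructed sample: "<timestamp> <process> CONNECT <host>:<port>"
SAMPLE_LOG = """\
2026-05-04T09:00:01Z Revit.exe CONNECT revitclaw-production.up.railway.app:443
2026-05-04T09:00:02Z Revit.exe CONNECT ALLADDIN.DEV:443
2026-05-04T09:00:03Z Revit.exe CONNECT o0.ingest.sentry.io:443
2026-05-04T09:00:04Z Revit.exe CONNECT notsentry.io:443
2026-05-04T09:00:05Z Revit.exe CONNECT api.openai.com:443
2026-05-04T09:00:06Z Revit.exe CONNECT alladdin.dev:8443
"""

def classify(host: str, port: int) -> str:
    """Return 'required', 'optional' or 'unexpected' for one destination."""
    host = host.lower().rstrip(".")
    if port != ALLOWED_PORT:
        return "unexpected"
    if host in REQUIRED:
        return "required"
    if host in OPTIONAL or any(host.endswith("." + s) for s in SUFFIX_OK):
        return "optional"
    return "unexpected"

def audit(log_text: str) -> list[tuple[str, int, str]]:
    """Parse CONNECT lines and classify each destination; skip other lines."""
    results = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[2] != "CONNECT":
            continue
        host, sep, port = fields[3].rpartition(":")
        if not sep or not port.isdigit():
            continue
        results.append((host, int(port), classify(host, int(port))))
    return results

def unexpected(log_text: str) -> list[str]:
    """Destinations an allow-list reviewer should question."""
    return [f"{h}:{p}" for h, p, v in audit(log_text) if v == "unexpected"]

if __name__ == "__main__":
    for host, port, verdict in audit(SAMPLE_LOG):
        print(f"{verdict:10} {host}:{port}")
```

Traffic from Revit's own cloud features is outside this table, so in a per-process log it would also be reported as unexpected and needs its own allow-list.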
2. Inbound network surface
None. AllAddin opens no listening ports, runs no services, and does not register itself as a firewall exception. The only inbound connection is whatever Revit itself opens (typically the BIM 360 / ACC / cloud-collaboration sockets that Autodesk's own add-ins use); AllAddin doesn't add to that surface.
3. Telemetry posture
- Anonymous usage telemetry. Request timing, model used, success/failure flag. No model contents, no element data, no project filename.
- Error telemetry (optional). Stack traces + request metadata via Sentry. Disabled by setting SENTRY_DSN="". AllAddin works fully without it.
- Auto-update polling. Once-per-day check against alladdin.dev. Disabled by setting auto_update_check=false in %APPDATA%\AllAddin\config.ini.
- No advertising or tracking pixels. No Google Analytics, no LinkedIn Insight Tag, no third-party beacons.
4. Authentication
AllAddin uses a per-user bearer token (we call it an "RC token") issued by us at onboarding. The token lives in %APPDATA%\AllAddin\config.ini, encrypted with Windows DPAPI in the user-scope. Stolen config.ini on a different machine is useless -- DPAPI can only decrypt on the original Windows account.
Tokens are revocable from our admin panel within seconds. If your firm's security review needs a "we can revoke at any time" guarantee in writing, email trust@alladdin.dev and we'll confirm in the response.
5. Allow-list memo template
Drop-in copy your BIM developer can hand to your IT team to request approval. Edit the bracketed fields and forward.
Internal memo template
To: [IT manager / vendor-risk lead]
From: [BIM developer name]
Re: Approval request -- AllAddin (Revit add-in by MeliUX Ltd)
I'd like to install AllAddin, an AI-assisted Revit add-in, on my machine to [specific use case -- e.g. "automate the sheet-creation workflow on the [Project] project"]. Below is the network-egress profile our IT team needs for an allow-list decision.
Vendor: MeliUX Ltd (UK), Companies House 12413967, ICO registration ZC137214.
Trust posture: ISO 27001 ISMS drafted (51 v0.1 docs, all 93 Annex A controls in scope), full posture at https://alladdin.dev/trust.
Security disclosure: https://alladdin.dev/security.
Network egress to allow-list (HTTPS / 443 outbound only):
- revitclaw-production.up.railway.app -- backend API
- alladdin.dev -- site + signed installer + version check
- sentry.io -- error monitoring (optional; can disable)
- fonts.gstatic.com -- fonts (optional)
No inbound listeners. No P2P. No direct connections to AI providers (Anthropic / OpenAI / Mistral) -- all AI calls route through the AllAddin backend, so your firm's network sees a single allow-listed host, not the broader AI ecosystem.
What AllAddin sends: my natural-language request + a small structured snapshot of the active selection (element types and counts, no geometry). What stays on my machine: model contents, geometry, parameter values, the .rvt / .rfa files themselves. Full data-flow disclosure at https://alladdin.dev/trust#what-leaves-your-machine.
Authentication: per-user bearer token, encrypted at rest with Windows DPAPI (user-scope; stolen file on another machine is useless). MeliUX can revoke any token within seconds.
Installer: signed MSI (Authenticode, publisher "MeliUX Ltd"). Standard Programs-and-Features uninstall -- see uninstall guarantee at https://alladdin.dev/trust#uninstall-guarantee.
If a security questionnaire is required, MeliUX maintains a template they'll return filled in: email trust@alladdin.dev.
6. What MeliUX provides on request
Email trust@alladdin.dev for any of the below; turnaround under two business days.
- A completed copy of your firm's vendor-risk-assessment questionnaire (we maintain a template covering the common ISO 27001 / SOC 2-style questions).
- A point-in-time export of all the data we hold for your seat (DSAR) -- separately from this, but available via /dsar.
- The signed Data Processing Agreement at /dpa, ready for your firm's signature.
- A list of every sub-processor in the data path (/sub-processors).
- The vulnerability disclosure policy at /security if your security team wants to test.