docs: clarify data flow transparency - raw data local, results to LLM

- README: diagram now shows analysis results flow to LLM provider
- README: 'Privacy-first' changed to 'Local processing' with caveat
- SECURITY.md: detailed explanation of what stays local vs what reaches LLM
- Both files recommend local LLM (Ollama) for full air-gapped privacy

Author: LGDiMaggio

README.md

@@ -63,8 +63,11 @@ This project is built around the **Model Context Protocol (MCP)** — an open st
                │
                ▼
 ┌──────────────────────────────────────────────────────────────┐
-│   YOUR DATA (stays on your machine — privacy-first)          │
+│   YOUR DATA (raw files stay on your machine)                 │
 │   Vibration signals · Equipment manuals · Trained models     │
+│                                                              │
+│   ⚠️  Analysis results (peaks, RMS, diagnoses) flow back     │
+│   to the LLM provider. Use a local LLM for full air-gap.     │
 └──────────────────────────────────────────────────────────────┘
 ```
 
@@ -73,7 +76,7 @@ This project is built around the **Model Context Protocol (MCP)** — an open st
 ### What This Means For You
 
 - **🔌 Plug-and-play** — Add new analysis tools (thermography, oil analysis, acoustics) as simple Python functions — the LLM discovers them automatically
-- **🔒 Privacy-first** — All data stays on your machine; only tool calls and results flow through the LLM
+- **🔒 Local processing** — Raw signals never leave your machine; only computed results (peaks, RMS, diagnoses) flow to the LLM. Use a [local LLM](https://ollama.com/) for full air-gapped privacy
 - **🤖 LLM-agnostic** — Works with Claude, ChatGPT, or any MCP-compatible client
 - **🧱 Modular** — Use only the tools you need, extend with your own
 

SECURITY.md

@@ -30,10 +30,14 @@ If you discover a security vulnerability in this project, please report it respo
 
 This MCP server is designed to run **locally** on your machine:
 
-- All data processing happens locally (no cloud transmission)
-- Signal data and reports remain on the local filesystem
-- ML models are trained and stored locally
-- No network requests are made during normal operation
+- All signal processing (FFT, envelope, statistics, ML) runs locally — no third-party analytics APIs
+- Raw signal files (CSV), equipment manuals (PDF), and trained ML models never leave your filesystem
+- HTML reports are generated and stored locally
+- The MCP server itself makes **no network requests** during operation
+
+> **Important**: While the server processes data locally, the **analysis results** (peak frequencies, RMS values, statistical summaries, diagnostic text, manual excerpts) are returned to the LLM client and transmitted to the LLM provider's API (e.g., Anthropic, OpenAI). This is inherent to any LLM-based workflow — the LLM needs tool outputs to generate responses. Raw signal arrays are never sent in full; only computed summaries and metrics flow through the LLM.
+>
+> **To maximize privacy**: Use a local LLM (e.g., Ollama, LM Studio) as your MCP client — this keeps the entire pipeline on your machine with zero data leaving your network.
 
 ### File System Access
 
@@ -58,6 +62,7 @@ The server accesses the local filesystem for:
 ### Data Privacy
 
 - **No telemetry**: The server does not collect or transmit usage data
-- **No external APIs**: All analysis runs locally without internet
+- **No external APIs**: The server itself makes no network calls — all analysis runs locally
 - **Sample data**: Included dataset is from public research sources (MathWorks)
-- **Your data**: Any proprietary vibration data you add stays on your machine
+- **Raw data stays local**: Your proprietary vibration signals, manuals, and models remain on your filesystem
+- **Analysis results flow to LLM**: Computed metrics (frequencies, RMS, kurtosis, diagnoses) are returned to the LLM provider as tool outputs — this is inherent to MCP-based workflows. For full air-gapped privacy, use a local LLM client