Personal context for AI agents on macOS, the way it actually ships today.

It is the set of facts an agent needs to know about you, on your machine, before any of your prompts make sense. Your name, your work email, the company name autofilled into checkout forms, the credit card metadata you use most, the addresses you ship to, the saved logins on the sites you actually use, the tools you visit every day. Without those, an agent that is told 'send the invoice to my usual client' has nothing to bind 'usual' to. Three patterns exist on macOS today. Cloud LLM memory layered onto chats (ChatGPT, Claude Projects). Apple Intelligence's on-device personal context (rolling out gradually). And a local extraction pipeline that scrapes the data out of your existing browser files and stores it on disk for the agent to query, which is what Fazm does.

Four Chromium browsers are supported by the bundled extractor: Arc, Google Chrome, Brave, and Microsoft Edge. The exact paths are in ai-browser-profile-swift-light/Sources/AutofillExtractor/Constants.swift under the browserPaths constant. They are all under ~/Library/Application Support: Arc/User Data, Google/Chrome, BraveSoftware/Brave-Browser, Microsoft Edge. Inside each, the extractor opens four files: 'Web Data' (autofill addresses, form fields, credit card metadata), 'Login Data' (saved usernames per site), 'History' (top services by visit count), and 'Bookmarks' (the JSON file of bookmarked domains). Each is a copy-and-read pass against the original SQLite or JSON file. Nothing is uploaded.

A single SQLite database at ~/ai-browser-profile/memories.db. Every memory is a row with a normalized key, a value, a list of semantic tags, and a source string. Tags are drawn from a fixed vocabulary so the agent can ask for a slice instead of the whole thing. The vocabulary is identity, contact_info, account, tool, address, payment, contact, work, and knowledge. A typical extracted profile contains your full name, all emails the browsers ever autofilled into a form, your phone numbers, every address you have shipped to, the last four digits of payment cards you autofilled, the saved usernames on each site you have logged into, and the top services by visit count.

Two tools. `query_browser_profile(query, tags?)` does a ranked text search over the memories table, optionally filtered by one of the nine tags. `extract_browser_profile()` re-runs the Swift extractor if the database is empty or stale. Both are wired into the agent's tool router in Desktop/Sources/Providers/ChatToolExecutor.swift. The skill file at Desktop/Sources/BundledSkills/ai-browser-profile.skill.md tells the model exactly when to call them: when you ask 'what is my email', tags ['contact_info']; when you ask 'what tools do I use', tags ['tool']; when you ask 'who am I', tags ['identity']. The system prompt that lists this as one of three context sources is in Desktop/Sources/Chat/ChatPrompts.swift around line 123.

Different surface, different scope, different timeline. Apple Intelligence's personal context is on-device and tied to Apple's own indices: messages, calendar, mail, notes, photos. It is the right answer for that surface. It does not read your Chromium browser data on a Mac, and as of April 2026 the rollout is still partial and bound to specific Apple silicon and OS combinations. The Fazm extractor reads the data Apple Intelligence does not touch: the four Chromium browsers' on-disk SQLite, the autofill profile a small business owner has been building over years of checkouts and signup forms, the saved logins on the sites that actually run their day. The two are complementary. Fazm reaches the data the OS-level features ignore.

Cloud memory is a chat-side feature. The model writes notes about you across sessions and prepends them to future prompts. It works fine for the things you have told it. It cannot see your address book, the phone number you autofill into Stripe checkout, the payment card nickname you saved in Chrome, or the fact that you log into QuickBooks every Monday. That data lives on your Mac, and it never reaches the cloud unless you copy-paste it into the chat. A local extraction pipeline reads it directly. The trade-off is privacy: the data is sensitive enough that you would not want it leaving the machine, which is exactly why the database stays on disk in your home directory and the agent has to be on the same machine to read it.

The Swift extractor today targets Arc, Chrome, Brave, and Edge (the four Chromium-family browsers that share the Web Data SQLite schema). Safari is on the roadmap; its autofill data lives in ~/Library/Safari and the encrypted keychain, so the read pattern is different. If Safari is your only browser, the extracted profile will be empty and the agent will rely on its conversational memory and any answers you give it directly. Most macOS users we see have at least one Chromium browser installed (often Chrome or Arc) even when Safari is their daily driver, because some sites still misbehave outside of Chromium.

The same skill exposes `edit_browser_profile(action: 'delete' | 'update', query, new_value?)`. After the first extraction the agent presents a complete summary of what it found ('here is your name, here are the emails I saw, here is the address I think is yours, here are the cards by last four digits, here are the top tools') and asks if anything should be removed or corrected. The deletes are immediate and SQL-level. There is no audit trail you cannot delete. The whole memories.db is a file, and removing it resets the personal context layer entirely.

Only the slice you ask about, and only if you are using a cloud model for that turn. The default routing is: when you ask the agent something that needs personal context, it calls `query_browser_profile` first, gets the matched memories, and includes them in the prompt to the language model for that turn. So if you ask 'send the usual to my main client', the model sees a few rows from the database and uses them. If you ask the agent something that does not require personal context, the database is never opened. You can also point the agent at a fully-local model using the custom API endpoint setting, which keeps the slice on-device end to end.

Three concrete paths to read. The Swift extractor lives at github.com/m13v/ai-browser-profile-swift-light, packaged as a Swift Package Manager dependency of the Fazm Desktop target (see Desktop/Package.swift in github.com/m13v/fazm). The tool router is at Desktop/Sources/Providers/ChatToolExecutor.swift around line 80, with cases for 'extract_browser_profile' and 'query_browser_profile'. The skill prompt that tells the model when to use them is at Desktop/Sources/BundledSkills/ai-browser-profile.skill.md. None of those files are obfuscated or compiled-only. You can clone the repo, open the files, and trace one round trip from a chat message to the SQLite read in about twenty minutes.