Gemini's on-device models (the Nano family) run locally on developer machines. For IDE autocomplete, inline suggestions, and latency-sensitive developer workflows, this is excellent. For enterprise security analysis — where the reasoning requires full codebase context, SBOM correlation, and cross-repo policy evaluation — on-device is not the right fit. The workloads are different.
What on-device models do well
Three developer-tool workflows:
- Inline completions. Low latency, local privacy.
- Contextual suggestions. Right-click "explain this function."
- Format fixes. Linting-adjacent corrections.
Each is local, latency-sensitive, and doesn't require organisational-level context.
What they don't do well
Three security-workload requirements:
- Cross-repo reasoning. The model needs access to the organisation's SBOM and policy, not just the local file.
- Organisational policy evaluation. Policies change centrally; on-device models can't see the central source of truth in real time.
- Audit trail to an organisational log. Actions taken on-device leave no central record by default, which makes them harder to audit.
Security workflows need centralised context; developer tooling often does not.
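To make the contrast concrete, here is a minimal sketch of centralised policy evaluation over an SBOM, with every decision appended to an audit store. All names (`Component`, `evaluate`, the CVSS-ceiling policy, the in-memory `audit_log`) are illustrative assumptions, not Safeguard's actual data model:

```python
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass
class Component:
    name: str
    version: str
    max_cvss: float  # worst known vulnerability score for this component

@dataclass
class PolicyDecision:
    component: str
    allowed: bool
    reason: str

# Stand-in for a central, append-only audit store.
audit_log: list[dict] = []

def evaluate(sbom: list[Component], cvss_ceiling: float) -> list[PolicyDecision]:
    """Evaluate each SBOM entry against the org-wide policy, auditing every decision."""
    decisions = []
    for c in sbom:
        allowed = c.max_cvss < cvss_ceiling
        audit_log.append({
            "at": datetime.now(timezone.utc).isoformat(),
            "component": f"{c.name}@{c.version}",
            "allowed": allowed,
        })
        decisions.append(PolicyDecision(
            c.name, allowed, f"max CVSS {c.max_cvss} vs ceiling {cvss_ceiling}"))
    return decisions
```

The key point is that both inputs — the SBOM and the `cvss_ceiling` — live centrally and change centrally, which is exactly what an on-device model cannot see in real time.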
How Safeguard handles the split
The Safeguard platform includes an IDE extension that provides developer-tooling features (inline security suggestions) with low latency. The extension can use either a local model or a central service depending on the workflow. Heavier reasoning — reachability analysis, remediation PR generation, policy evaluation — runs in the central platform where the context lives.
Customers get fast developer feedback and centralised security analysis. The right tool for each job.
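The split described above can be sketched as a simple routing rule. The workflow names and traits below are illustrative assumptions, not Safeguard's internal configuration:

```python
LOCAL = "local-model"
CENTRAL = "central-platform"

# Per-workflow traits: does it need org-wide context, and is it latency-sensitive?
WORKFLOWS = {
    "inline-completion":     {"needs_org_context": False, "latency_sensitive": True},
    "explain-function":      {"needs_org_context": False, "latency_sensitive": True},
    "reachability-analysis": {"needs_org_context": True,  "latency_sensitive": False},
    "remediation-pr":        {"needs_org_context": True,  "latency_sensitive": False},
    "policy-evaluation":     {"needs_org_context": True,  "latency_sensitive": False},
}

def route(workflow: str) -> str:
    """Organisational context always wins: if the reasoning needs it, go central."""
    return CENTRAL if WORKFLOWS[workflow]["needs_org_context"] else LOCAL
```

The design choice worth noting: context requirements, not latency, drive the routing. A latency-sensitive workflow that needs central context still goes central, because a fast wrong answer is worse than a slower correct one.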
What to evaluate
Two questions:
- Which workflows need low-latency local execution?
- Which workflows need organisational context and centralised policy?
Answer both; architect accordingly.
How Safeguard helps
Safeguard's platform splits workflows along this line: developer-tool features run locally with low latency, while security analysis runs centrally with full organisational context. Griffin AI handles the central reasoning; IDE extensions handle the local developer experience.