I’m curious how others are handling this. I work at a medium-large company with normal corporate security restrictions. Apps need to come from the company portal. Running random .exe files or installing dev tools is restricted. The company is starting to lean into AI, but slowly. Right now, the only clearly approved AI tool is Copilot. I’m not in a development role. I work with suppliers, order history, part data, pricing files, and reporting. A lot of the data is messy. Supplier names do not match. Part numbers are inconsistent. Internal records often do not line up with supplier records. Reporting is mostly Power BI, and a lot of cleanup still happens manually. Using Claude Code on my own time, I’ve started building small local tools for things like:
- Fuzzy matching supplier and part data
- Column search and mapping
- Audit logs for data cleanup
- Matching supplier files to internal records
- Flagging pricing outliers
- Turning messy order history into RFQ-ready files
- Saving corrected mappings for reuse later These tools would not use AI at runtime. The idea is: Use AI to help build the tool. Run the finished tool locally. Keep company data on the work machine. Do not send company data to an AI model. Do not connect the tool to the internet. Use a local GUI or webview front end over Python. The problem is approval. The tools could save hundreds of hours per year and reduce errors. They could also create reusable cleanup logic for future files instead of fixing the same data issues over and over. But because AI was involved in building them, leadership gets nervous. They hear “AI” and assume company data is going into a model, even when the finished tool has no AI connection at all. For anyone in a similar locked-down corporate environment:
- Have you successfully gotten local AI-built tools approved by IT or security?
- How did you frame the conversation?
- Did you focus on the tool architecture, data flow, risk controls, or business value?
- Did you package it as Python, an internal web app, Power Platform, or something else?
- What mistakes should I avoid before approaching IT? I’m not trying to dodge security policy. I’m trying to figure out the right way to bring useful local automation into a corporate environment without getting myself in trouble or creating risk for the company. Curious what has worked for others. submitted by /u/Well_thats_not_great
Originally posted by u/Well_thats_not_great on r/ClaudeCode