first of all, don’t worry … openrouter seems safe, and it’s also probably “fine” to send your data to Anthropic or OpenAI or Google through their proprietary harnesses!
but as soon as you start sending requests to a web server (or router), you are passing your data to openrouter, as well as any intermediaries openrouter might send your requests through, and of course any cloud model providers you choose.
if you use the local models – even though enough runs in your browser so it’s not exactly intuitive, not to me at least – everything you’re doing stays on your machine unless you decide to upload or paste it somewhere.