OpenAgently

Security & privacy

What leaves your machine,
and what never does

OpenAgently keeps repositories local at rest. Selected, non-excluded project content may be processed transiently to generate or improve instructions; the cloud retains instruction versions, metadata, and redacted derived signals rather than raw repository code.

Data classification

CategoryExamplesWhere it lives
Local at restYour complete repository and full native session transcriptsYour machine; not retained as cloud records
Transient processingSelected non-excluded project context used during instruction generation or maintenanceProcessed for the request; not retained as raw repository code in product storage
Synced metadataAgent names, goals, harness, project labels, version numbers, timestampsCloud, tenant-scoped to your account
Redacted signalsSession summaries with secrets stripped, correction/error markersCloud, tenant-scoped; deletion is support-assisted during beta
Intentionally excludedCredentials, environment secrets, and sensitive paths matched by the scannerExcluded before product processing

How the boundary is enforced

  • Local scanning and filtering. Repository discovery runs in the desktop app. Files matching secret patterns and sensitive paths are excluded before further processing.
  • Transient model processing. Generation and maintenance may send selected non-excluded context to a company-operated model. Raw repository content is not retained as product cloud data.
  • Redaction before transmission. The local daemon strips tokens, keys, connection strings, and credential-shaped values from session summaries before they leave your machine.
  • Redaction on receipt. The cloud API runs a second redaction pass on every summary it stores — defense in depth.
  • Tenant-scoped access. Every API request is authorized against your account. Your agents, projects, and signals are never visible to another tenant.
  • Desktop-only apply. The web dashboard cannot write to your repositories. Applying or rolling back a version happens only in the desktop app, on your machine, with your confirmation.
Authentication. Sign-in uses OpenID Connect (Authorization Code + PKCE) against our identity provider. The web dashboard and desktop app use separate OAuth clients; desktop tokens are stored encrypted with OS-level protection (DPAPI on Windows, owner-only files elsewhere).

Your controls

  • Sign out — stop authenticated cloud sync from that device.
  • Desktop approval — review and apply ready versions locally; the dashboard cannot edit your repository.
  • Dashboard visibility — inspect registered devices, versions, redacted signals, and recent cloud activity.
  • Privacy requests — request cloud-data export, deletion, or device revocation through [email protected] during the beta. Self-service controls are not yet available.

Frequently asked

Can OpenAgently edit my repo without me?

No. Instruction files are only written or rolled back by the desktop app after you approve, on your machine.

What exactly is in a "session summary"?

A short, derived description of what happened in a working session — for example, "user corrected the test command" — with secrets stripped. Not your prompts, not your code, not the transcript.

Is my data used to improve other customers' agents?

No. Improvement runs use only your own tenant's signals for your own agents.

How do I delete everything?

Contact [email protected] to request cloud-data deletion during the beta. Files already in your repositories remain untouched.