Skip to content

Privacy

Local-first and private by default. You control whether anything leaves your boundary, and you can preview the exact sanitised payload before any external request.

Data flow

ActionData usedWhere it goesWho controls itRetentionDisable?
Local searchMetadata + fingerprintsStays on your machineYouLocal cache TTLYes
Private namespace searchTask + metadataPatchMesh (your tenant)YouAccount lifetimeYes
Enterprise searchTask + metadataYour enterprise networkOrg adminsOrg policyYes
Public GitHub searchSanitised task + language/frameworkGitHubOrg policyNot stored by usYes (policy)
Repository neighbourhoodSeed repo namesLocal dataset lookupAdminsDataset versionYes
Public PatchMesh searchTask + metadataPatchMesh public indexOrg policyIndex lifetimeYes
Artifact retrievalCapsule/commit referenceContent-addressed storeYouUntil deletedn/a

Honest notes

  • • Source files, secrets, repository/organisation names and internal symbols are not sent by default.
  • • Hashes, embeddings and structural fingerprints can reveal limited information — govern by policy.
  • • We do not train models on your code. We do not auto-publish private code.
  • • Retrieved code (especially external GitHub candidates) is untrusted until reviewed and tested.