Security
Your code never leaves your machine.
Hexcore processes activity metadata only — session status, file paths, cost data. The local daemon is open source, so you can verify this yourself.
Data access

| Data | Detail |
|---|---|
| **Metadata we process** | |
| File paths | Paths of files read or modified |
| Session status | Agent label, busy/idle/blocked |
| Plan documents | Full plan markdown and task status |
| Turn previews | Truncated instruction (500 chars) and response previews (200 chars) |
| Cost & tokens | API cost, model, token counts |
| Commit messages | Messages, SHAs, file lists |
| Command strings | Command text with secrets auto-redacted |
| Risk signals | Error rate, context usage % |
| **Never collected** | |
| Source code | File contents never read or transmitted |
| Full conversations | Only truncated previews, never complete exchanges |
| Command output | stdout / stderr never leaves |
| Commit diffs | Code changes never transmitted |
| Env vars & secrets | .env files, API keys, credentials |
| Search results | Only query strings, never results |

Plan documents may reference business logic or architecture decisions. Ensure engineers avoid including credentials directly in plans or command arguments.
Infrastructure

| Control | Detail |
|---|---|
| Transit | TLS (WebSocket Secure) |
| Auth | Google OAuth — no passwords stored |
| Tokens | JWT with 15-min TTL, auto-refreshed |
| Encryption at rest | AES-256-GCM for stored credentials |
| Isolation | Per-team — no cross-customer access |
| Opt-in | Relay enabled per project, off by default |
| Deletion | On request within 30 days, cascading |