> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cogniscape.app/llms.txt
> Use this file to discover all available pages before exploring further.

# Developer Privacy

> What Cogniscape captures from Claude Code, Codex, and Cursor sessions, what it doesn't, and why — full transparency for developers whose activity flows through the platform.

When you use Claude Code, Codex, or Cursor with Cogniscape installed, a lightweight background process captures **development activity metadata** from your coding sessions. This page explains exactly what is collected, what is not, and the purpose behind each data point.

<Note>
  Cogniscape never reads your prompts, your conversation history, or the content of your files. It captures activity metadata — the same kind of information that already appears in your git log.
</Note>

## What triggers data collection

Cogniscape registers hooks in your AI coding tool that fire at specific moments during a session. No data is collected outside of these events.

<Tabs>
  <Tab title="Claude Code">
    | Event               | When it fires                                          |
    | ------------------- | ------------------------------------------------------ |
    | Session start       | You open a new Claude Code session                     |
    | Session summary     | The agent finishes its work and returns control to you |
    | Subagent conclusion | A background agent finishes its work                   |
    | Stop failure        | The agent stops on an unrecoverable error              |

    <Info>
      The session-start hook only seeds local context (your current branch) — it stores no activity episode. Every captured field comes from the session-summary, subagent-conclusion, and stop-failure events.
    </Info>
  </Tab>

  <Tab title="Codex">
    | Event           | When it fires                                      |
    | --------------- | -------------------------------------------------- |
    | Session start   | You open a new Codex session                       |
    | Session summary | Codex finishes its turn and returns control to you |

    <Info>
      Codex uses only the session-start and session-summary hooks. As with Claude Code, session-start stores no episode — it seeds local context. Tool counts and work context are extracted from the session transcript when the turn ends.
    </Info>
  </Tab>

  <Tab title="Cursor">
    | Event           | When it fires                                          |
    | --------------- | ------------------------------------------------------ |
    | Session start   | You open a new Cursor AI session                       |
    | Session summary | The agent finishes its work and returns control to you |
    | Session end     | You close the session                                  |

    <Info>
      Cursor integration captures less metadata than Claude Code. Token usage, file lists, and command history are not available through Cursor's hook system. As elsewhere, the session-start hook stores no episode.
    </Info>
  </Tab>
</Tabs>

## What we capture and why

Every field we collect serves a specific purpose in answering the five core questions Cogniscape is built around: **what** happened, **who** did it, **when**, **how**, and **why**.

### Identity and context

| Field            | Example                  | Purpose                                              |
| ---------------- | ------------------------ | ---------------------------------------------------- |
| Developer name   | `"alice"`                | Attribute activity to the right person (**who**)     |
| Repository       | `"acme/backend"`         | Scope activity to a project (**what**)               |
| Branch           | `"feat/retry-payments"`  | Track which initiative is being worked on (**what**) |
| Session duration | `1842` (seconds)         | Understand effort distribution (**when** / **how**)  |
| Timestamp        | `"2026-03-28T14:32:00Z"` | Place activity in time (**when**)                    |

### What the AI assistant did

| Field                | Example                                                 | Purpose                                                    |
| -------------------- | ------------------------------------------------------- | ---------------------------------------------------------- |
| AI response summary  | `"Implemented retry logic with exponential backoff..."` | Understand the work that was done (**what** / **why**)     |
| Tool usage counts    | `{"Edit": 12, "Read": 8, "Bash": 5}`                    | Gauge session complexity (**how**)                         |
| Files touched        | `["src/payments/retry.ts", "tests/retry.test.ts"]`      | Track which areas of the codebase were involved (**what**) |
| Recent commands      | `["npm test", "git status"]`                            | Understand the development workflow (**how**)              |
| Test results         | `passed: true`                                          | Track quality signals (**how**)                            |
| Token usage by model | `{"claude-opus-4-6": 45000}`                            | Resource attribution (internal analytics)                  |

<Warning>
  The AI response summary contains only the **assistant's messages** — never your prompts or questions. It is also truncated and sanitized before storage: code blocks, URLs, and identifiers are stripped.
</Warning>

## What we do NOT capture

This is the most important section of this page. The following data **never leaves your machine**:

<AccordionGroup>
  <Accordion title="Your prompts and questions">
    When you type a message to Claude Code, Codex, or Cursor, that text stays local. Cogniscape explicitly filters out all user messages — only assistant responses are processed, and even those are truncated and sanitized.
  </Accordion>

  <Accordion title="Your conversation history">
    The full transcript of your session is never sent to Cogniscape. The CLI reads the transcript file locally to extract metadata (duration, tool counts, file lists) and then discards the file reference. The transcript itself is never uploaded.
  </Accordion>

  <Accordion title="Source code and file contents">
    Cogniscape captures **file paths** (e.g., `src/payments/retry.ts`) but never the content of those files. Paths are also converted to repository-relative format — absolute paths and home directory references are stripped before transmission.
  </Accordion>

  <Accordion title="IDE settings, secrets, and credentials">
    No IDE configuration, environment variables, `.env` files, API keys, or authentication tokens are ever accessed or transmitted. The CLI only reads the hook payload provided by the AI tool and your local git configuration (name, email, branch).
  </Accordion>

  <Accordion title="Full command output">
    Only the **last 5 commands** you ran are captured, and each is **truncated to 200 characters**. Long commands, heredocs, and multi-line scripts are dropped entirely. Command output (stdout/stderr) is never captured.
  </Accordion>

  <Accordion title="Absolute file paths">
    All file paths are converted to repository-relative paths before transmission. Your home directory, workspace root, and any worktree prefixes are stripped. The server never learns your filesystem layout.
  </Accordion>
</AccordionGroup>

## How data flows from your machine

The following diagram shows the complete data path from your coding session to the Cogniscape knowledge graph.

```text theme={null}
Your Machine                              Cogniscape Cloud
─────────────                             ────────────────

Claude Code / Codex / Cursor
    │
    ▼
Hook fires (e.g., session summary)
    │
    ▼
Cogniscape CLI (local binary)
    ├── Reads hook payload (provided by AI tool)
    ├── Reads git config (name, email, branch)
    ├── Reads transcript locally (extracts metadata only)
    ├── Strips absolute paths
    ├── Truncates commands (200 chars, last 5)
    ├── Filters out user messages
    └── Sends structured event ──────────────► API endpoint
                                                  │
                                                  ▼
                                            Sanitization
                                            ├── Code blocks removed
                                            ├── URLs stripped
                                            ├── Identifiers excluded
                                            └── Passes to knowledge graph
                                                  │
                                                  ▼
                                            AI extraction
                                            ├── Entities (natural language)
                                            ├── Facts (natural language)
                                            └── Stored as semantic descriptions
```

<Info>
  Sanitization happens at two stages: first on your machine (the CLI strips paths and truncates data), then on the server (the ingestion pipeline removes code blocks, URLs, and sensitive patterns). Defense in depth — even if something slips past the first stage, the second stage catches it.
</Info>

## Frequently asked questions

<AccordionGroup>
  <Accordion title="Can my manager read my prompts?">
    No. Your prompts are never captured, transmitted, or stored. No one — including Cogniscape, your manager, or your organization's admin — can access what you typed into Claude Code, Codex, or Cursor.
  </Accordion>

  <Accordion title="Can Cogniscape see my code?">
    No. Cogniscape sees file **paths** (which files you touched) but never file **contents**. This is architecturally enforced — the CLI does not read your source files, only the hook payload and git metadata.
  </Accordion>

  <Accordion title="What if I paste sensitive data into a prompt?">
    It stays local. Since Cogniscape never captures user messages, anything you paste into a prompt — passwords, API keys, personal notes — is never transmitted to Cogniscape.
  </Accordion>

  <Accordion title="Does Cogniscape track my screen time or keystrokes?">
    No. Cogniscape only fires during the specific hook events listed above. There is no background monitoring, no keystroke logging, and no screen capture. Between hook events, the CLI is completely idle.
  </Accordion>

  <Accordion title="Can I verify what data is being sent?">
    Yes. The Cogniscape CLI is a local binary that runs on your machine. You can inspect the hook configuration in `~/.claude/settings.json` (Claude Code), `~/.codex/hooks.json` (Codex), or `~/.cursor/hooks.json` (Cursor) to see exactly which events trigger data collection. You can also run the CLI with verbose logging to see the exact payload before it is sent.
  </Accordion>

  <Accordion title="What happens if I uninstall Cogniscape?">
    Running `cogniscape uninstall` removes all hooks from your AI tool's configuration and deletes the CLI binary. No residual data collection occurs after uninstall. Historical data already in the knowledge graph is retained according to your organization's data retention policy.
  </Accordion>
</AccordionGroup>

<Card title="Questions?" icon="envelope">
  If you have questions about developer privacy, contact us at [support@cogniscape.app](mailto:support@cogniscape.app).
</Card>
