Security

Local-first AI coding, verified.

IDEAgentHub is a Windows desktop application. Your code, your AI prompts, your conversations, and your workspace snapshots stay on your machine. The desktop app sends no telemetry, no analytics, and no usage data — the only outbound network call is a 24-hour license check that transmits a hardware-fingerprint hash and nothing else.

Last reviewed against the production desktop app on May 13, 2026.

Your code never leaves your machine.

IDEAgentHub embeds the IDE you already use — Cursor, Claude Code, Codex, Antigravity, VS Code (Copilot) — and writes files to your existing working directory. There is no IDEAgentHub-controlled remote that touches source code, ever.

Zero desktop telemetry.

The desktop app sends no usage analytics, no crash pings, no heartbeat, no feature-flag callbacks. The only outbound traffic from the app is to the IDE vendor's own services (your Cursor login talks to Cursor as it normally would) and the license endpoint described below.

License validation sends only a hardware ID hash.

Every 24 hours the app verifies your license is still active. The payload is your license key plus a SHA-256 hash of MachineGuid + Motherboard UUID + CPU ID — no email, no IP-derived identity, no project metadata. A 14-day offline grace period covers air-gapped or travel scenarios.

AI prompts and conversations stay local.

The continuity log and AI turn timeline are written to `.agenthub/` inside your workspace. Nothing in that folder is mirrored to a remote. Switching IDEs reads the same local files — no cloud sync, no shared backend, no IDEAgentHub-side aggregation.

Snapshots and restore data are stored on disk only.

Workspace snapshots are content-addressed files inside `.agenthub/snapshots/` next to your project. You control the storage cap (default off). Nothing is uploaded; restore reads from the same local directory it wrote to.

Payments are handled by Polar, our Merchant of Record.

Card data never reaches IDEAgentHub. Polar collects email + payment details directly; we receive the license activation event and your email. Refunds, invoices, and tax compliance are handled by Polar under their own privacy terms.

What IDEAgentHub never collects

For clarity, here is the explicit list of data the desktop app never reads, transmits, or stores remotely:

  • Your source code or repository contents
  • AI prompts you write or paste
  • AI responses from any embedded IDE
  • Files modified by AI turns
  • Snapshot contents
  • Workspace path or folder names
  • Workspace metadata (git remote, branch, commits)
  • Email addresses (those go directly to Polar)
  • IP address (license endpoint logs are short-lived)
  • Telemetry, heartbeats, crash reports, or analytics

Questions, audit requests, or enterprise review?

We reply within 24 hours. If your security team needs a packet capture, a signed binary, or a SOC-style data-flow diagram, ask — we will send it.

Email security@ideagenthubRead the full Privacy Policy