Safeguards & privacy

Spend against donated compute is intentionally transparent. This page explains exactly what is visible, what isn't, and how multiple keys fit into a project.

Session linking and what's public

When you run opub run, the CLI starts a work session linked to your compute key. The session publishes the Git context of the directory where you ran it — the repository origin, current commit, and project association. This is the only context opub collects from the local environment.

What is public:

• Token count and dollar amount for every spend event against donated compute
• The compute key name (not the credential)
• Git session context: repository origin and commit hash
• Session start and end timestamps
• The agent target (claude, codex, copilot, etc.)

What is never collected:

• Prompts, completions, or any model input/output
• File contents, diffs, or repository data
• What the agent is doing or how

Provider and model data policies still apply to actual model usage. opub does not add prompt, response, diff, or file-content collection on top of the provider request.

The session records the Git context at launch. Spend accrues to the project through the compute key — the two are correlated by the session, not matched event-by-event. If you use the key directly without opub run, spend still accrues to the project — the local session link is simply absent.

Multiple keys

Multiple active keys are supported. Use separate keys when you want distinct spend tracking for different workflows (local dev vs. CI vs. a specific branch) or when you share a project with another maintainer who sets up their own key. Each key has its own limit, spend history, and credential.

Safeguards

opub applies protective measures to credentials and session metadata.

Secretless session context — MCP tools return project, key, target, and session metadata only. They do not expose the provider key or inspect prompt, response, diff, or file contents.

First-party provider allowlist — compute keys are restricted to Anthropic, OpenAI, Mistral, and MiniMax. Keys cannot be routed to arbitrary or third-party endpoints, reducing the surface for credential misuse. See Available models for the full list.

Minimal local context — linked sessions publish repository origin, commit hash, target agent, and session timestamps. Direct key use skips that local session link.

These safeguards are applied automatically. No configuration is required.

The CLI is open source — the code that runs on your machine is publicly auditable. Trust, but verify! Read the source at github.com/opubdev/opub-cli.

Even with these safeguards, use caution with what you expose in any working session.

Privacy for your account

Your GitHub login is used only to verify repository access. opub does not read repository contents, issues, pull requests, or any data beyond the public profile and repository list needed for verification. Spend events and session context published from your local machine are the only data associated with your maintainer account on the public project page.

We also request your email so that we may contact you if needed. Anything but the bare minimum transactional emails will require your clear consent.