AgenticCLI

Privacy Policy

Last updated: 2026-07-01

agenticcli.dev (“we”, “us”, “our”) makes ShipGuard — a CLI release gate for AI-built apps distributed on npm. This policy explains what data we collect, why, and how to exercise your rights. Questions: [email protected].

Your code never leaves your machine. ShipGuard scans run 100% locally. No file contents, file paths, or source code are ever uploaded to our servers — not on the free tier and not on paid plans. Paid plans fetch rule signatures from us; your code stays local.

Data we collect

Account data. When you create an account, WorkOS AuthKit collects and manages your email address and authentication credentials on our behalf. We receive a user identifier and email from WorkOS after successful sign-in.

Waitlist data. If you join our waitlist, we store your email address in our application database (Convex) to notify you when access is available. We do not share waitlist emails with third parties.

Usage and analytics data. We use PostHog to understand how the web application is used — page views, feature interactions, and session metadata. PostHog respects the Do-Not-Track browser header and analytics can be disabled via your browser cookie settings. We do not sell or share this data with advertisers.

Billing and payment data. Payment processing is handled by Dodo Payments as merchant of record. We do not store or receive your full card number or CVV. We receive subscription status, plan tier, and billing cycle information from Dodo Payments.

Local CLI scans. When you run shipguard scan locally, your source code is read and analysed entirely on your machine. No file contents, file paths, or code are sent to our servers. The scan result is yours alone.

How we use your data

We do not sell your data to third parties, use it for advertising, or use scan results for model training.

Sub-processors

The following third parties process data on our behalf:

Cookies

We use strictly-necessary cookies for authentication (WorkOS session) and optional analytics cookies (PostHog). See our Cookie Policy for details and opt-out instructions.

Data retention

We retain account data for as long as your account is active. If you delete your account, we will delete or anonymise your personal data within 30 days, except where we are required by law to retain it longer. Waitlist data is deleted once you convert to an account or on request.

Your rights

Depending on where you are located, you may have the right to:

To exercise any of these rights, email [email protected]. We will respond within 30 days.

Security

We apply reasonable technical and organisational measures to protect the personal data we hold. Sensitive operations (authentication, billing) are delegated to specialist sub-processors. However, no transmission over the internet is completely secure, and we cannot guarantee absolute security. If you believe your data has been compromised, contact [email protected] promptly.

Children

ShipGuard is intended for developers aged 13 and over. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided us with personal data, please contact us and we will delete it promptly.

Governing law

This policy is governed by applicable law in the jurisdiction where agenticcli.dev operates. Where applicable, GDPR (EU/EEA users) and CCPA (California residents) also apply.

Changes to this policy

We may update this policy as our practices evolve. Material changes will be noted on this page with an updated “Last updated” date. Continued use of the service after changes constitutes acceptance of the updated policy.

Questions? Email [email protected].