Storage at a glance
| Data | Local-only | Connected personal dashboard | Teams or Enterprise |
|---|---|---|---|
| Prompt records | Local SQLite | Uploaded unless prompt_storage is local | Team prompt store, with best-effort secret and PII redaction |
| Line-level attribution | Local Git notes | Local Git notes | Local Git notes plus team and SCM-linked processing where enabled |
| Agent and model identifiers | Git notes | Git notes and connected transcript or usage records | Git notes and team analytics |
| Git name and email | Git notes | Used with connected attribution | Stored as employee identity and SCM membership |
| Tool calls, MCP calls, skills, errors, interruptions, tokens | Not uploaded as cloud analytics | Uploaded for personal analytics | Uploaded for team analytics |
| SCM profile and pull request metadata | Not uploaded by local-only CLI | SCM profile metadata | PR description, opener, reviewer, status, and related metadata |
| Pull request diffs | Not uploaded by local-only CLI | Depends on connected product workflow | Processed to compute AI percentage; not stored |
| Error and exception telemetry | Sent by default | Sent by default | Sent by default unless disabled or redirected |
Autter’s public CLI privacy document does not state a universal cloud retention period. Check your agreement, deployment policy, or the Autter Trust Center for current terms.
Local-only mode
Without login, Autter says it does not send code, prompts, or agent-usage data to the Autter platform. Local-only storage includes:- Prompt records in local SQLite storage
- Temporary checkpoints under
.git/ai - Attribution in Git notes, including the agent, model, line ranges, acceptance metrics, and steering developer’s Git name and email
Connected personal dashboards
When you opt in to a personal dashboard, Autter Cloud receives:- Agent activity such as tool calls, MCP calls, skills, interruptions, errors, and token usage
- Prompts and agent responses used for personal analytics
- AI percentage, parallel-agent counts, and related dashboard metrics
- SCM profile metadata from GitHub, GitLab, or Bitbucket
Transcript upload path
When a commit has a captured agent transcript, Autter:- Reads and normalizes the local JSON or JSONL transcript.
- Removes detected secrets before the transcript leaves the machine.
- Queues the transcript in local durable storage as a content-addressed object.
- Adds a
cas:<hash>reference to the prompt record in the authorship note. - Lets the background service upload queued content to the connected organization environment.
Teams and Enterprise
Team deployments can also store:- Employee names, email addresses, and SCM team membership
- Full prompt records with best-effort secret and personal-data stripping
- Full agent sessions for review and summarization
- Pull request metadata from supported SCMs
- Organization-wide attribution, token, cost, and agent-usage analytics
Opt out of cloud storage
To clear credentials and reselect local-only mode:Stay connected but keep prompts local
You can keep platform authentication while preventing future prompt uploads:Disable Autter for a repository
From the repository, run:Protect sensitive data
- Never place credentials or secrets in agent prompts.
- Keep
prompt_storageset tolocalfor repositories that cannot upload prompts. - Review Git-note access because attribution includes developer identity.
- Store CI access tokens in a secret manager.
- Review organization permissions before enabling prompt access for developers.