Security & Privacy

What Agentoscope accesses

Agentoscope reads the JSONL log files that Claude Code writes to ~/.claude/projects/ (and the XDG equivalent). These are the same logs Claude Code creates during normal operation.

It parses usage entries from these logs — model names, token counts, timestamps — and calculates costs using model pricing data. That's it.

Network activity

Agentoscope makes two types of outbound network request:

• Model pricing — fetches the LiteLLM model pricing JSON from GitHub. This is a public, static JSON file used to calculate accurate costs for each model.
• GitHub PRs — if you use the Open PRs feature, Agentoscope calls the gh CLI on your machine to list pull requests. This uses your existing GitHub authentication. Agentoscope does not store or transmit any GitHub credentials.

There is no other network activity. No analytics. No telemetry. No crash reporting. No update checks.

What Agentoscope cannot do

• It cannot modify your Claude Code files — it's read-only
• It cannot upload your data to any server — there is no upload mechanism. The Open PRs feature calls the gh CLI locally, which talks to GitHub using your existing auth
• It cannot run in the background — it's a standard desktop app

Data storage

Agentoscope processes log data in memory only. It does not write any data to disk. When you close the app, the parsed data is gone. The next time you open it, it re-reads the JSONL logs fresh.

Open source

Agentoscope is fully open source under the GPL v3 license. You can read every line of Rust backend code and React frontend code on GitHub.

If you have security concerns, you're encouraged to audit the codebase and build from source.