Privacy

Last updated: 2026-05-09

Overview

agentio is a command-line tool that lets you interact with services like Gmail, Slack, JIRA, WhatsApp, and others. This page explains how it handles your data.

What agentio accesses

When you authorize agentio with each service, the tool may access:

• Messages, posts, files, and other content from the services you connect — to search, read, send, or otherwise act on them at your direction.
• Account metadata required by each service's API (email address, channel IDs, etc.).

What agentio stores

All data is stored locally on your device only:

• ~/.config/agentio/vault.enc — encrypted credentials (AES-256-GCM)
• ~/.config/agentio/vault.passphrase — local passphrase (mode 0600)
• ~/.config/agentio/daemon.db — daemon message store (only when you run the daemon)

agentio does not:

• Transmit your data to any external servers operated by the project.
• Share your data with third parties.
• Collect analytics or telemetry.

Data security

• Credentials are encrypted at rest with AES-256-GCM.
• By default, the encryption key is bound to the host (hostname + username); you can override with AGENTIO_PASSPHRASE.
• API calls go directly between your device and the service provider.

Your rights

• Revoke access at the service provider (Google, Slack, GitHub, …) at any time.
• Delete ~/.config/agentio/ to remove all local state.

Open source

agentio is MIT-licensed. Source: github.com/plosson/agentio.

Contact

Open an issue at github.com/plosson/agentio/issues.