Trust & Privacy

The TheGitAI CLI is source-visible so you can inspect it and verify how it behaves on your machine.

Trust model

The client is untrusted for security enforcement. All authentication, authorization, rate limiting, and permission decisions are enforced server-side, and the server's enforcement is authoritative regardless of any client-side state.

Any security-sensitive check in the client is a convenience hint, not a security boundary — don't rely on the client to enforce security properties.
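To make the "client is untrusted" rule concrete, here is an added example of what server-side enforcement looks like. It is illustrative code written for this page, not TheGitAI's server or its real schema: the token table, permission sets, rate limit and the `client_state` field are constructed assumptions. The point it demonstrates is that whatever the client asserts about itself (an "I am admin" flag, a locally cached permission list) is never read by the decision path; only the server's own tables and counters are.

```python
import time
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

# Constructed sample data for this example (hypothetical; not TheGitAI's real schema or policy).
SESSIONS: Dict[str, str] = {"tok-alice": "alice", "tok-bob": "bob"}   # auth token -> user
PERMISSIONS: Dict[str, set] = {"alice": {"repo:read", "repo:write"}, "bob": {"repo:read"}}
RATE_LIMIT_PER_MINUTE = 3  # hypothetical limit chosen for the example


@dataclass
class Request:
    token: str
    action: str
    # Anything the client says about itself. Kept for logging/diagnostics only;
    # the enforcement path below never consults it.
    client_state: dict = field(default_factory=dict)


@dataclass
class RateLimiter:
    """Fixed-window request counter, held on the server, keyed by the server-resolved user."""
    limit: int
    window: float = 60.0
    _counts: Dict[str, Tuple[float, int]] = field(default_factory=dict)

    def allow(self, user: str, now: float) -> bool:
        start, count = self._counts.get(user, (now, 0))
        if now - start >= self.window:      # window expired: start a fresh one
            start, count = now, 0
        if count >= self.limit:
            self._counts[user] = (start, count)
            return False
        self._counts[user] = (start, count + 1)
        return True


def authorize(req: Request, limiter: RateLimiter, now: Optional[float] = None) -> Tuple[bool, str]:
    """Authoritative decision. Order: authenticate, rate-limit, then check permission.

    req.client_state is deliberately unused: a client claiming to be admin, or to
    hold a permission, changes nothing here.
    """
    now = time.time() if now is None else now
    user = SESSIONS.get(req.token)          # identity comes from the server's session table
    if user is None:
        return False, "unauthenticated"
    if not limiter.allow(user, now):
        return False, "rate_limited"
    if req.action not in PERMISSIONS.get(user, set()):
        return False, "forbidden"
    return True, "ok"
```

Passing `now` explicitly keeps the limiter deterministic for tests; a real service would use the clock. Note that rate limiting is applied before the permission lookup, so a client that keeps retrying a forbidden action burns its own quota rather than the server's lookup budget.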

When an approved sudo command asks for a password, the prompt is local to the terminal UI: the client shows the exact command, masks the typed password, and does not send the password to the model or server.
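The local password prompt described above, as an added example that is not TheGitAI's own code. It assumes a POSIX system with sudo, and uses the sudo options -S (read the password from stdin), -k (discard any cached credential so the prompt is real), -p '' (suppress sudo's own prompt, since the client has already printed the command) and -- (end option parsing). The prompt, runner and echo callables are injectable so the flow can be exercised without a terminal; the transcript that could be handed to a model or server contains the command and its outcome, never the password.

```python
import getpass
import shlex
import subprocess
from typing import Callable, List


def sudo_argv(command: List[str]) -> List[str]:
    """Build the sudo invocation for an already-approved command."""
    return ["sudo", "-S", "-k", "-p", "", "--", *command]


def transcript_entry(command: List[str], returncode: int, stdout: str) -> dict:
    """The only record that leaves the terminal UI: command text and outcome, no credential."""
    return {"command": shlex.join(command), "exit_code": returncode, "stdout": stdout}


def run_approved_sudo(
    command: List[str],
    prompt: Callable[[str], str] = getpass.getpass,   # getpass reads from the tty without echo
    runner: Callable = subprocess.run,
    echo: Callable[[str], None] = print,
) -> dict:
    # 1. Show the exact command before asking for anything, so the user knows what the
    #    password will be spent on.
    echo(f"About to run with elevated privileges: {shlex.join(command)}")
    # 2. Read the password locally; characters are masked by getpass.
    password = prompt("[sudo] password: ")
    try:
        # 3. Hand it to sudo over stdin (the -S flag), never via argv where `ps` could see it.
        proc = runner(sudo_argv(command), input=password + "\n", text=True, capture_output=True)
    finally:
        # 4. Drop our reference as soon as the subprocess has consumed it.
        del password
    # 5. Only command and outcome are recorded for the session transcript.
    return transcript_entry(command, proc.returncode, proc.stdout)


if __name__ == "__main__":
    print(run_approved_sudo(["true"]))
```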

What lives on your machine

The client stores only local, user-machine state:

  • auth.json — your local auth token.
  • models.json — locally cached model list.
  • prompt-history.json — global prompt-only history, capped to 15 entries.
  • Repo-scoped saved session snapshots under sessions/, including the conversation history and the local session state needed to resume.

Because the client is source-visible, you can read exactly what it does before trusting it with your repo and shell.

Terms of Service

Your use of TheGitAI is governed by our Terms of Service, which set out your responsibilities, explain that AI output and agent actions must be reviewed before you rely on them, and describe the limits of our liability for data loss or exposure.

Account security

Accounts are protected by a password-strength policy (weak or common passwords are rejected) and by email verification: a new account must confirm its email address before it can sign in or authorize the CLI.
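An added example of the two controls named above, written for this page rather than taken from TheGitAI: a password-strength check that rejects short passwords and common ones (including the usual "capitalize it and append digits" variants), and an account record that cannot sign in until its email verification token has been redeemed. The common-password list, the 12-character minimum and the token format are assumptions; password hashing and storage are out of scope and omitted.

```python
import re
import secrets
from dataclasses import dataclass
from typing import Dict, List

# Constructed sample blocklist; a real deployment would load a far larger list (assumption).
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome", "admin"}
MIN_LENGTH = 12  # hypothetical minimum for this example


def _normalize(pw: str) -> str:
    """Undo the cheap disguises: lower-case it and strip trailing digits/symbols,
    so 'Password1!' is compared as 'password'."""
    return re.sub(r"[\d!@#$%^&*._-]+$", "", pw.lower())


def password_problems(pw: str) -> List[str]:
    """Return every reason the password is rejected (empty list means accepted)."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if pw.lower() in COMMON_PASSWORDS or _normalize(pw) in COMMON_PASSWORDS:
        problems.append("matches a common password")
    if len(set(pw)) < 4:
        problems.append("too few distinct characters")
    return problems


@dataclass
class Account:
    email: str
    verified: bool = False


class AccountService:
    def __init__(self) -> None:
        self.accounts: Dict[str, Account] = {}
        # email -> outstanding verification token (delivered by mail in a real system)
        self.pending_tokens: Dict[str, str] = {}

    def register(self, email: str, password: str) -> str:
        problems = password_problems(password)
        if problems:
            raise ValueError("weak password: " + "; ".join(problems))
        self.accounts[email] = Account(email)          # created unverified
        token = secrets.token_urlsafe(16)
        self.pending_tokens[email] = token
        return token                                   # returned here only so the example is testable

    def verify_email(self, email: str, token: str) -> bool:
        expected = self.pending_tokens.get(email)
        # Constant-time compare; a token is single-use and removed once redeemed.
        if expected is None or not secrets.compare_digest(expected.encode(), token.encode()):
            return False
        self.accounts[email].verified = True
        del self.pending_tokens[email]
        return True

    def can_sign_in(self, email: str) -> bool:
        """Sign-in (and, by the same rule, CLI authorization) requires a verified address."""
        acct = self.accounts.get(email)
        return acct is not None and acct.verified
```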