Time to ship · about 3 minutes
Privacy and data.
Local context stays local. Managed live voice and STT frames pass through the Codexini Cloudflare Worker to the selected provider and are not stored by the Worker. Activation tokens are opaque.
Aura processes local context on-device before anything is sent. During managed live voice and streaming STT, encoded audio frames leave your Mac over TLS, pass through the Codexini Cloudflare Worker, and are forwarded to the selected provider for processing. The Worker does not store or log those frames. Context digests are filtered locally first, with secrets, file paths, stack traces, and line numbers removed before transmission. Each call is scoped to the project folder you approved.
Activation tokens, used to verify your account access, are opaque identifiers. They do not contain your name, email, or any personally identifiable information. They are stored in macOS Keychain, not in any config file or log. Aura cannot read the contents of a token — it only presents the token to the activation endpoint for verification.
What stays on your machine.
Your config file. The task audit trail in .aura/threads/. The history log at .aura/history.jsonl. Project context is filtered locally before transmission; live voice/STT audio frames are sent only for the active call.
What reaches the model proxy.
Live voice and streaming-STT audio frames, plus a filtered context digest — the working set described in the Live context model page — and the filtered text of your voice turn. On the managed path, audio frames go to the selected provider through the Codexini Cloudflare Worker; the Worker forwards them and does not store them. No raw source code. No file contents. No secrets. No paths. The filter runs locally before transmission and is enforced at the speech output layer as well, so she will not read a secret back to you even if it appears in a worker result.
Full policy
This page is a summary. The complete data flow, retention periods, third-party processors, and your rights are documented in the Codexini privacy policy.
Deleting your data.
All locally stored data is under your control. Delete ~/.aura/ and ~/Library/Application Support/aura to remove local Aura data. For server-side account data such as email or token records, use the deletion request path in the privacy policy.