1. Overview
Khoregos (k6s) is a command-line tool and Claude Code plugin that runs entirely on your local machine. Sibyllai ("we", "us") does not collect, transmit, store, or process any personal data or usage data from users of Khoregos.
This policy explains what data Khoregos handles, where it stays, and what third-party services may be involved when you use the software.
2. Data processed by Khoregos
Khoregos processes the following data exclusively on your local machine:
- Agent session state, task records, and workspace configuration stored in your project's
.khoregos/directory - Audit log entries recording agent actions, tool calls, file operations, and session events
- File path information used for boundary enforcement and file locking
- Token usage estimates computed locally for cost tracking
None of this data is transmitted to Sibyllai or any third party by Khoregos itself. All data remains under your control, on your infrastructure, at all times.
3. Audit logs and sensitive content
Khoregos audit logs may incidentally contain information about your codebase, file structure, or agent instructions depending on how you configure logging verbosity. These logs are stored locally in your project directory. You are responsible for managing, securing, and retaining these logs in accordance with your own data handling obligations.
Khoregos provides built-in retention enforcement (k6s audit prune) to help you manage log lifecycle.
4. Third-party services
Khoregos integrates with third-party services at your explicit configuration. When you configure these integrations, data flows directly from your machine to those services — not through Sibyllai:
- Anthropic Claude API — if you use Claude Code with Agent Teams, your prompts and agent interactions are subject to Anthropic's Privacy Policy
- OpenTelemetry exporters — if configured, trace and metric data is sent to your designated collector endpoint
- Prometheus — if configured, metrics are exposed locally on a port you control
- Webhook endpoints — if configured, governance events are sent to URLs you specify
- RFC 3161 timestamp authorities — if configured, audit event hashes (not content) are submitted to your chosen timestamp authority for external verification
Sibyllai has no visibility into any of these integrations. You configure them; you control them.
5. Website (sibyll.ai)
The Khoregos product page at sibyll.ai may use privacy-preserving analytics to measure page traffic. No cookies are set without consent. No personal data is collected through the website for marketing purposes. No contact forms collect personal data at this time.
If this changes, this policy will be updated before the change takes effect.
6. npm registry
Installing Khoregos via npm install -g khoregos is subject to npm's Privacy Policy. Sibyllai receives no data from npm installs beyond aggregate download statistics available to all package publishers.
7. Your rights under GDPR
Because Khoregos collects no personal data, there is in practice no personal data held by Sibyllai for you to access, correct, export, or delete.
If you believe Sibyllai holds personal data about you in any context, you have the right to request access, correction, deletion, or portability of that data. Contact us at the address below and we will respond within 30 days.
8. Data retention
Sibyllai retains no user data. Data generated by Khoregos on your machine is governed by your own retention policies and the retention configuration you set in Khoregos.
9. Children
Khoregos is a developer tool not directed at children under 16. We do not knowingly collect data from children.
10. Changes to this policy
If this policy changes materially — for example, if Khoregos ever introduces telemetry or cloud features — we will update the effective date and note the change prominently. The current version is always available at khoregos.sibyll.ai/privacy.
11. Contact
Questions about this policy: privacy@sibyll.ai — or open an issue at github.com/sibyllai/khoregos.