Privacy & security

What Keynobi does not collect for telemetry

With default settings (anonymous crash reporting off), the app does not send crash or usage events to us.

When crash reporting is on, the app still does not include in those reports:

• Your Android project paths or source files
• Gradle build log content
• Logcat output
• MCP session traffic
• Personal identifiers or device identifiers (as described in the in-app manual)

Reports are limited to app-side diagnostics (for example crash type and sanitized stack information) so we can fix stability issues.

Optional crash reporting (Sentry)

If you opt in under Settings → Privacy → Anonymous crash reporting, the app may send minimal events from the native layer and the UI to Sentry-compatible endpoints, subject to build-time configuration. The UI client is only initialized when the setting is on; when you turn it off, the browser SDK is closed so it is not left active.

Native and web integrations apply scrubbing (for example stripping path-like frame data and avoiding breadcrumbs) so events stay focused on application stability—not your project contents.

Note: if you connect an MCP client such as Claude Code, that client may send prompts or files to its own vendor according to its policies. Keynobi exposes MCP over local stdio; it does not proxy your code through a Keynobi server.

This website (keynobi-web)

The marketing/docs site you are reading is a static Next.js deployment. It does not receive your Keynobi projects, logs, or Gradle output. It currently does not load third-party analytics or Sentry in the page bundle.

Reporting security vulnerabilities

For responsible disclosure of security bugs in Keynobi itself, use GitHub vulnerability reporting that process is separate from end-user privacy and crash reporting.