Skip to content

What Capacitor captures

Capacitor is a session recorder. If you’re evaluating Capacitor for a codebase where confidentiality matters, read this page first — and know that everything here is under your control before a team-wide rollout.

Click here for more about the system architecture.

When a session is captured, the kcap watcher sends the complete transcript to your Capacitor server:

DataDetail
Every promptFull text of every user message to the agent
Every responseFull text of every agent reply
Every tool call + resultBash commands, file reads, edits — with timing, output, and the exact diffs applied
Thinking blocksThe agent’s reasoning, alongside the turn that produced it
Token countsInput, output, cache reads and writes — per turn and per subagent
Subagent treesEvery spawned subagent with its own transcript and token tally
Repository contextGit repo, branch, and PR linkage

Treat the transcript as sensitive by default: if a prompt or a command’s output contains a secret or a proprietary discussion, that content is part of the transcript and will be stored on your Capacitor server.

  • Your source code. The repository itself and source code is never uploaded by Capacitor. However, if prompts, responses, and/or tool output contains it, then it will appear in Capacitor.
  • Excluded work. Sessions in excluded_repos or under a kcap ignore path send nothing — the hooks skip them silently.

Two kinds of control apply, and they’re worth knowing before a team-wide rollout:

For how capture works mechanically — hooks, the watcher, and the event store — see System architecture.