Security & Privacy
Privacy and indexing on your terms.
ContextStream is designed with security-first principles. Your code is protected with enterprise-grade encryption, isolated per workspace, and you have full control over what gets indexed.
Security overview
How your code is protected.
Encrypted in transit (TLS 1.3)
All data between your machine and ContextStream uses TLS 1.3, the latest transport security standard. No older protocols, no weak ciphers, mandatory forward secrecy.
Encrypted at rest (AES-256)
Your data is stored with AES-256 encryption, the same standard used by governments for classified information. The 2^256 key space makes brute-force attacks computationally impossible.
Workspace isolation
Each workspace is completely isolated. There is no cross-tenant access — your data is only accessible to you and your team members.
You control your data
Delete your data anytime from the dashboard. When you delete events, knowledge, or entire workspaces, the data is permanently removed.
Automatic secret redaction
Even inside files that are indexed, ContextStream scrubs detected secrets — API keys, tokens, passwords, and credentials — from the text it stores and embeds. They never land in search results, context packs, or shared capsules.
Indexing scope
What gets indexed.
When you enable code indexing, ContextStream analyzes your codebase to provide semantic search and context-aware assistance.
Source code files
Code files (*.ts, *.js, *.py, *.rs, *.go, etc.) are parsed to extract functions, classes, and their relationships. This enables semantic search like "where is authentication handled?"
Documentation & comments
README files, docstrings, and comments are indexed to help the AI understand your codebase conventions and architecture decisions.
Configuration files
Package.json, Cargo.toml, pyproject.toml, and similar files help ContextStream understand your project structure and dependencies.
Cold start & freshness
How indexing works.
Indexing runs in the background — you never wait for it. The moment you init a project, ContextStream search is the right tool to reach for, and it gets better continuously as the index builds.
Search works immediately — it's never "empty until done"
Keyword search returns results as soon as the first files are committed; semantic (natural-language) search comes online after the first committed generation. Coverage fills in as indexing proceeds, so re-running the same search a moment later returns more — you don't need to wait for "100% indexed" before searching.
Stays fresh as you edit
Edited and newly-created files are re-indexed automatically in the background, so search reflects recent changes. If you just created a brand-new symbol and a search doesn't find it yet, retry once — the refresh usually lands within moments.
Check progress anytime
Want to see where indexing stands? Ask for the status — it reports whether the index is ready, in progress, or still starting.
project(action="index_status")Search-first, always
Reach for ContextStream search first — even while the index is still building. It's pre-ranked and returns real file paths + line numbers, and it only improves as coverage grows. Falling back to raw file scans (grep/glob/Explore) is worth it only if search itself returns nothing after a quick retry; "the index might be thin" is not a reason to skip it.
Containment
Folders ContextStream won't ingest.
To make it hard to accidentally index files outside your project, ContextStream checks every ingest root before reading any files and refuses locations that are dangerously broad or sensitive — you get a clear rejection instead of silently pulling in everything.
The filesystem root
/ — or a Windows drive root. Far too broad to be a project.
Your home directory
$HOME itself, or any folder above it.
Parent-of-home roots
/home and /Users — these hold every user's files.
Credential folders
.ssh, .aws, .gnupg, .kube, .docker, .config — and anything inside them.
OS / system directories
/etc, /proc, /sys, /dev, /boot, /root — and anything inside them.
~/dev/my-app) is always fine..git, package.json, Cargo.toml, …), ContextStream still indexes it but warns first — broad roots are usually picked by accident.Intentionally indexing a broad folder
If you genuinely need a wider scope, opt in explicitly — so a broad ingest is always a deliberate choice, never an accident.
# Deliberately allow a broad/sensitive ingest root
export CONTEXTSTREAM_ALLOW_BROAD_INGEST=1Default exclusions
Always excluded.
The following patterns are always excluded from indexing, even without any configuration.
# Always excluded by default (built into ContextStream)
node_modules/
.git/
dist/
build/
*.lock
package-lock.json
yarn.lock
pnpm-lock.yaml
*.min.js
*.min.css
__pycache__/
*.pyc
.venv/
venv/
target/ # Rust
.gradle/ # Java/Kotlin
*.class
These defaults ensure that large generated files, dependencies, and common sensitive patterns are never indexed. You cannot override these built-in exclusions.
Custom exclusions
.contextstream/ignore
For extra-sensitive files or directories, create a .contextstream/ignore file in your project root. This uses the same syntax as .gitignore.
# .contextstream/ignore
# Patterns follow .gitignore syntax
# Your code is already encrypted (TLS 1.3 + AES-256) and workspace-isolated.
# This file is for extra-sensitive paths you prefer to keep completely off the index.
# Sensitive directories
customer-data/
secrets/
.env*
# Keys and certificates
*.pem
*.key
*.p12
# Large generated files
dist/
build/
node_modules/
# Vendor/third-party (often not useful to index)
vendor/
third-party/
# Project-specific exclusions
# my-secret-project/
Pattern syntax
customer-data/Exclude entire directory
*.pemExclude by extension
.env*Wildcard patterns
!important.pemNegate pattern (include)
.contextstream/ignore file for you. Run contextstream-mcp setup and follow the prompts.Scope
Global vs project ignore.
Project-level
.contextstream/ignorePlaced in your project root. Applies only to this project. Commit to version control to share with your team.
Global (user-level)
~/.contextstream/ignorePlaced in your home directory. Applies to all your projects. Useful for personal patterns like client work directories.
Both files are merged at runtime. Project-level patterns take precedence over global patterns.
AI tool hooks
Redirect Glob/Grep to semantic search.
ContextStream can install hooks that redirect local file searches (Glob, Grep) to use ContextStream's semantic search instead. This provides faster, more accurate results from the indexed codebase.
How hooks work
- When Claude Code or another MCP client calls Glob/Grep
- The hook intercepts the request
- If the path is indexed, it redirects to ContextStream semantic search
- If the path is in
.contextstream/ignore, the local tool runs normally
Smart scoping
Hooks respect your .contextstream/ignore patterns. Files you exclude from indexing will use local tools automatically, preventing infinite loops when searching unindexed directories.
Hook configuration
Hooks are configured in your Claude Code settings. The setup wizard installs these automatically.
{
"hooks": {
"PreToolUse": [
{
"matcher": "Glob|Grep",
"hooks": [
{
"type": "command",
"command": "python3 ~/.contextstream/hooks/contextstream-redirect.py"
}
]
}
]
}
}Memory-only mode
Disabling code indexing.
Code indexing is optional. You can use ContextStream purely for memory (decisions, insights, lessons) without indexing any code.
Memory-only mode
Simply don't run project(action="ingest_local") or skip the indexing step in the setup wizard. ContextStream will still capture and recall your decisions, preferences, and insights without touching your code.
For projects where you want memory but not code search, this is the recommended approach. You get context continuity across sessions without any code leaving your machine.
De-index
Removing indexed data.
If something gets indexed that shouldn't have, you can remove it completely — from a single file up to an entire project. Removal is immediate and complete: the content is dropped from search, embeddings, and the knowledge graph.
Remove specific files or paths
Drop individual files or folders from the index while keeping the rest of the project intact.
project(action="remove_paths",
paths=["src/secret.ts", "data/private/"])Purge an entire project index
Wipe all indexed code and content for a project in one step. The project itself stays; only the indexed data is removed. In the dashboard this is project settings → Delete Index.
project(action="purge", project_id="<your-project-id>")Forget a local folder
Stop a folder from being tracked and re-indexed. This clears the local mapping so auto-indexing hooks won't silently re-add it later.
project(action="forget_local", project_id="<your-project-id>")FAQ
Frequently asked questions.
Can I delete my indexed code?
Yes. Go to your project settings in the dashboard and use the "Delete Index" option. This removes all indexed code from ContextStream while keeping your memory events intact.
Is my code used to train AI models?
No. Your code is used only for search and retrieval within your own workspace. It is never used for training, shared with other users, or accessed outside your team.
What happens if I work on client projects?
Create separate workspaces for each client to maintain isolation. Use the global ~/.contextstream/ignore to exclude sensitive client directories from ever being indexed.
Can team members see my indexed code?
Only if they're part of your workspace. Workspace access is controlled by you. Personal workspaces are private; team workspaces share access among invited members.
Next steps