Docs · Browse sections

Security & Privacy

Privacy and indexing on your terms.

ContextStream is designed with security-first principles. Your code is protected with enterprise-grade encryption, isolated per workspace, and you have full control over what gets indexed.

Security overview

How your code is protected.

Encrypted in transit (TLS 1.3)

All data between your machine and ContextStream uses TLS 1.3, the latest transport security standard. No older protocols, no weak ciphers, mandatory forward secrecy.

Encrypted at rest (AES-256)

Your data is stored with AES-256 encryption, the same standard used by governments for classified information. The 2^256 key space makes brute-force attacks computationally impossible.

Workspace isolation

Each workspace is completely isolated. There is no cross-tenant access — your data is only accessible to you and your team members.

You control your data

Delete your data anytime from the dashboard. When you delete events, knowledge, or entire workspaces, the data is permanently removed.

Automatic secret redaction

Even inside files that are indexed, ContextStream scrubs detected secrets — API keys, tokens, passwords, and credentials — from the text it stores and embeds. They never land in search results, context packs, or shared capsules.

Note: TLS 1.3 and AES-256 are the current gold standards for encryption. These are the same standards used by banks, healthcare systems, and government agencies.

Indexing scope

What gets indexed.

When you enable code indexing, ContextStream analyzes your codebase to provide semantic search and context-aware assistance.

Source code files

Code files (*.ts, *.js, *.py, *.rs, *.go, etc.) are parsed to extract functions, classes, and their relationships. This enables semantic search like "where is authentication handled?"

Documentation & comments

README files, docstrings, and comments are indexed to help the AI understand your codebase conventions and architecture decisions.

Configuration files

Package.json, Cargo.toml, pyproject.toml, and similar files help ContextStream understand your project structure and dependencies.

Important: ContextStream never indexes .env files, secrets, or credentials by default. These patterns are excluded automatically. See "Default Exclusions" below.

Cold start & freshness

How indexing works.

Indexing runs in the background — you never wait for it. The moment you init a project, ContextStream search is the right tool to reach for, and it gets better continuously as the index builds.

Search works immediately — it's never "empty until done"

Keyword search returns results as soon as the first files are committed; semantic (natural-language) search comes online after the first committed generation. Coverage fills in as indexing proceeds, so re-running the same search a moment later returns more — you don't need to wait for "100% indexed" before searching.

Stays fresh as you edit

Edited and newly-created files are re-indexed automatically in the background, so search reflects recent changes. If you just created a brand-new symbol and a search doesn't find it yet, retry once — the refresh usually lands within moments.

Check progress anytime

Want to see where indexing stands? Ask for the status — it reports whether the index is ready, in progress, or still starting.

terminal · check index status
project(action="index_status")

Search-first, always

Reach for ContextStream search first — even while the index is still building. It's pre-ranked and returns real file paths + line numbers, and it only improves as coverage grows. Falling back to raw file scans (grep/glob/Explore) is worth it only if search itself returns nothing after a quick retry; "the index might be thin" is not a reason to skip it.

Memory-only? Indexing is optional — you can use ContextStream for memory (decisions, lessons, docs) without indexing any code. See "Disabling code indexing" below.

Containment

Folders ContextStream won't ingest.

To make it hard to accidentally index files outside your project, ContextStream checks every ingest root before reading any files and refuses locations that are dangerously broad or sensitive — you get a clear rejection instead of silently pulling in everything.

The filesystem root

/ — or a Windows drive root. Far too broad to be a project.

Your home directory

$HOME itself, or any folder above it.

Parent-of-home roots

/home and /Users — these hold every user's files.

Credential folders

.ssh, .aws, .gnupg, .kube, .docker, .config — and anything inside them.

OS / system directories

/etc, /proc, /sys, /dev, /boot, /root — and anything inside them.

On by default, everywhere. The guard runs for every ingest path — manual, auto-indexing hooks, and the setup wizard — with nothing to configure. A normal project folder (even one under your home, like ~/dev/my-app) is always fine.
Gentle nudge: if a folder has no project marker (.git, package.json, Cargo.toml, …), ContextStream still indexes it but warns first — broad roots are usually picked by accident.

Intentionally indexing a broad folder

If you genuinely need a wider scope, opt in explicitly — so a broad ingest is always a deliberate choice, never an accident.

terminal · opt in to broad ingest
# Deliberately allow a broad/sensitive ingest root
export CONTEXTSTREAM_ALLOW_BROAD_INGEST=1

Default exclusions

Always excluded.

The following patterns are always excluded from indexing, even without any configuration.

terminal · built-in exclusions
# Always excluded by default (built into ContextStream)
node_modules/
.git/
dist/
build/
*.lock
package-lock.json
yarn.lock
pnpm-lock.yaml
*.min.js
*.min.css
__pycache__/
*.pyc
.venv/
venv/
target/          # Rust
.gradle/         # Java/Kotlin
*.class

These defaults ensure that large generated files, dependencies, and common sensitive patterns are never indexed. You cannot override these built-in exclusions.

Custom exclusions

.contextstream/ignore

For extra-sensitive files or directories, create a .contextstream/ignore file in your project root. This uses the same syntax as .gitignore.

terminal · .contextstream/ignore
# .contextstream/ignore
# Patterns follow .gitignore syntax
# Your code is already encrypted (TLS 1.3 + AES-256) and workspace-isolated.
# This file is for extra-sensitive paths you prefer to keep completely off the index.

# Sensitive directories
customer-data/
secrets/
.env*

# Keys and certificates
*.pem
*.key
*.p12

# Large generated files
dist/
build/
node_modules/

# Vendor/third-party (often not useful to index)
vendor/
third-party/

# Project-specific exclusions
# my-secret-project/

Pattern syntax

customer-data/

Exclude entire directory

*.pem

Exclude by extension

.env*

Wildcard patterns

!important.pem

Negate pattern (include)

Tip: The setup wizard can create a sample .contextstream/ignore file for you. Run contextstream-mcp setup and follow the prompts.

Scope

Global vs project ignore.

Project-level

.contextstream/ignore

Placed in your project root. Applies only to this project. Commit to version control to share with your team.

Global (user-level)

~/.contextstream/ignore

Placed in your home directory. Applies to all your projects. Useful for personal patterns like client work directories.

Both files are merged at runtime. Project-level patterns take precedence over global patterns.

AI tool hooks

Redirect Glob/Grep to semantic search.

ContextStream can install hooks that redirect local file searches (Glob, Grep) to use ContextStream's semantic search instead. This provides faster, more accurate results from the indexed codebase.

How hooks work

  1. When Claude Code or another MCP client calls Glob/Grep
  2. The hook intercepts the request
  3. If the path is indexed, it redirects to ContextStream semantic search
  4. If the path is in .contextstream/ignore, the local tool runs normally

Smart scoping

Hooks respect your .contextstream/ignore patterns. Files you exclude from indexing will use local tools automatically, preventing infinite loops when searching unindexed directories.

Hook configuration

Hooks are configured in your Claude Code settings. The setup wizard installs these automatically.

terminal · ~/.claude/settings.json
{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Glob|Grep",
        "hooks": [
          {
            "type": "command",
            "command": "python3 ~/.contextstream/hooks/contextstream-redirect.py"
          }
        ]
      }
    ]
  }
}
Note: If hooks cause issues, you can disable them in Claude Code settings or remove the hook configuration. ContextStream will still work — you'll just need to call search tools explicitly instead of relying on automatic redirection.

Memory-only mode

Disabling code indexing.

Code indexing is optional. You can use ContextStream purely for memory (decisions, insights, lessons) without indexing any code.

Memory-only mode

Simply don't run project(action="ingest_local") or skip the indexing step in the setup wizard. ContextStream will still capture and recall your decisions, preferences, and insights without touching your code.

For projects where you want memory but not code search, this is the recommended approach. You get context continuity across sessions without any code leaving your machine.

De-index

Removing indexed data.

If something gets indexed that shouldn't have, you can remove it completely — from a single file up to an entire project. Removal is immediate and complete: the content is dropped from search, embeddings, and the knowledge graph.

Remove specific files or paths

Drop individual files or folders from the index while keeping the rest of the project intact.

terminal · remove paths
project(action="remove_paths",
        paths=["src/secret.ts", "data/private/"])

Purge an entire project index

Wipe all indexed code and content for a project in one step. The project itself stays; only the indexed data is removed. In the dashboard this is project settings → Delete Index.

terminal · purge index
project(action="purge", project_id="<your-project-id>")

Forget a local folder

Stop a folder from being tracked and re-indexed. This clears the local mapping so auto-indexing hooks won't silently re-add it later.

terminal · forget local folder
project(action="forget_local", project_id="<your-project-id>")
Memory too: events, knowledge nodes, docs, capsules, and entire workspaces can be deleted from the dashboard or via the tools at any time — when you delete them, the data is permanently removed.

FAQ

Frequently asked questions.

Can I delete my indexed code?

Yes. Go to your project settings in the dashboard and use the "Delete Index" option. This removes all indexed code from ContextStream while keeping your memory events intact.

Is my code used to train AI models?

No. Your code is used only for search and retrieval within your own workspace. It is never used for training, shared with other users, or accessed outside your team.

What happens if I work on client projects?

Create separate workspaces for each client to maintain isolation. Use the global ~/.contextstream/ignore to exclude sensitive client directories from ever being indexed.

Can team members see my indexed code?

Only if they're part of your workspace. Workspace access is controlled by you. Personal workspaces are private; team workspaces share access among invited members.

Next steps

Wire it up.