Privacy

What Does Skill Index Collect?

For the app: Skill Index does not collect or send your local data. Skill Index reads and stores information locally on your Mac so it can work.

For this marketing website: skillindex.app collects basic, anonymized analytics through Vercel Web Analytics.

What Is the Data Used For?

For the app: Local information is used on your machine to map your AI agent setup, compare skills and MCP definitions, keep a local audit log, and apply repairs you choose.

For this marketing website: Vercel Web Analytics data is used to understand basic site traffic and whether the marketing website is useful.

Are There Any Third Parties?

For the app: Skill Index does not use third-party processors for your local data.

For this marketing website: skillindex.app uses Vercel Web Analytics for aggregate traffic information. GitHub and other linked services handle data under their own privacy policies.

What Skill Index Reads Locally

Skill Index scans local agent-related folders and configuration files so it can show you where skills, MCP servers, plugins, and related capabilities are installed. Depending on your agent setup, those files may include secrets, tokens, local paths, or other sensitive configuration values. Skill Index reads that information locally to build its inventory and compare definitions.

This may include paths such as:

• ~/.skillindex/
• ~/.agents/skills/
• ~/.codex/
• ~/.claude/
• Other custom folders you choose in Skill Index

What Skill Index Stores Locally

Skill Index stores its own local state under ~/.skillindex/ by default, including settings, inventory cache data, and a local audit log of file-changing operations. The audit log records which files were changed and when; it does not record secret values, tokens, or the contents of configuration files. The audit log persists until you delete ~/.skillindex/. When you choose repair or standardization actions, Skill Index may also write to the local agent configuration or skill directories involved in that action.

What Skill Index Sends

Skill Index does not send personal information, telemetry, crash reports, usage events, local paths, or configuration contents to the project maintainers. Skill Index does make certain outbound connections for specific product features — checking GitHub Releases for updates, connecting to remote MCP servers you have configured, installing skills from URLs or repositories when you choose that action, loading remote agent icon images, and opening external links in your browser — but none of these transmit your local inventory, paths, skill contents, secrets, tokens, or audit log.

Information You Provide

If you contact the project maintainers directly, submit an issue, or participate in the open-source project, we will use the information you provide only to respond to your message, handle the related project issue, or maintain the project. Do not post secrets, tokens, local paths, or sensitive configuration values in public issues.

Changes to This Policy

If Skill Index's privacy practices change, we will update this policy and note the change in the Skill Index release notes. The effective date above will be updated. Changes that materially expand data collection — such as adding accounts, cloud sync, telemetry, crash reporting, or hosted services — will be called out explicitly in the release notes.

Contact

For privacy questions, open an issue in the Skill Index GitHub repository. Do not include secrets, tokens, local paths, or sensitive configuration values in your issue. If your question requires sharing sensitive details, describe the situation in general terms only.