Skip to main content

Data Sovereignty

Applies to SDK 0.16+ · Last updated: 2026-06-12

AgentNode is a registry and policy engine — not a data processor. Your data never touches our servers. Tools run locally in your environment. The backend only stores what's needed for the registry catalog (package metadata, account credentials). Everything else stays on your machine.

Your data stays local

  • Tool input/output data — the data your agents process never touches our servers. Tools run locally in your environment, not on ours.
  • LLM prompts or responses — we have no visibility into what your agent sends to or receives from language models.
  • Usage telemetry — the SDK does not phone home. No analytics, no tracking, no usage beacons. The only network calls are explicit ones you trigger (install, search, resolve).
  • Local credentials — tokens stored via agentnode auth stay in ~/.agentnode/credentials.json on your machine. They are never uploaded.
  • Audit logs — Guard's audit trail (~/.agentnode/audit.jsonl) is local-only. Policy decisions stay on your machine.

Execution model

All tool execution happens locally in your Python process. The AgentNode backend is only involved in three scenarios:

Registry Operations

Search, install, resolve, publish — catalog operations that transfer package metadata and artifacts.

OAuth Proxy

Server-side credentials: the backend proxies API calls so OAuth tokens never leave the server. Optional — you can use local tokens instead.

Remote Runner

For packages that explicitly declare remote execution. The SDK marks these as remote_run in the audit trail. Most packages run locally.

Accounts & API keys

An AgentNode account is needed only for publishing and server-side credentials. Searching, installing, and running packages work without an account or authentication.

API keys are the primary authentication mechanism for the CLI and SDK. They replace session-based login for programmatic access:

  • Create an API key in your account settings on the website.
  • Set it as an environment variable with export AGENTNODE_API_KEY=ank_... or pass via --token flag
  • Use it automatically — the CLI reads fromAGENTNODE_API_KEY env var or ~/.agentnode/config.json
  • Revoke at any time from your account settings — revoked keys are immediately rejected

Only a SHA-256 hash of your API key is stored on the server. If the database is compromised, the plaintext key cannot be recovered. Keys are matched using constant-time comparison (hmac.compare_digest) to prevent timing attacks.

Offline-capable

Once packages are installed, the SDK works fully offline. The lockfile (agentnode.lock) contains all metadata needed to run tools without network access. Set credentials.resolve_mode: "local" to ensure credential resolution never reaches out to the API. Policy enforcement (Guard) is entirely local — no server calls, no latency.