Skip to content

Privacy and Local Data

ProxAI is a local compatibility proxy. That makes it useful for debugging, but it also means local files can contain provider configuration, request metadata, captured payloads, and diagnostics.

ArtifactPrivacy expectationCommit?
config.tomlLocal runtime config; may contain provider URLs, API key references, route choices, or local-only settings.No
config.example.tomlTracked example and documentation source; must stay sanitized and generic.Yes
captures/Request/response phase payloads for debugging; can contain private prompts and tool data.No
logs/Local diagnostics; should stay compact and body-safe, but still may reveal operational context.No
Generated site outputStatic docs build artifacts.No unless intentionally configured otherwise
P1

Do not log secrets

Request bodies, Authorization headers, API keys, and private prompts should not appear in default logs.

P2

Capture narrowly

Enable the smallest useful phase: inbound_request, provider_request, upstream_response, or outbound_response.

P3

Docs follow verified behavior

If privacy behavior is uncertain, inspect implementation and tests before documenting or sharing assumptions.

P4

Share sanitized evidence

Prefer symptoms, status codes, phase names, error types, redacted headers, and trimmed payload structure over full private captures.

  1. 1

    Classify the symptom first

    Goal: Avoid capturing more data than needed.

    Do
    • Identify whether the issue is startup config, route matching, provider transport, protocol conversion, streaming, or client rendering.
    • Use compact logs before enabling payload capture.

    Verify: You know which phase is most likely to explain the issue.

  2. 2

    Capture one phase

    Goal: Limit the private data surface.

    Do
    • Enable one capture phase only.
    • Prefer the phase closest to the suspected boundary.
    • Reproduce once with the smallest prompt/tool input possible.

    Verify: The capture answers the question without needing the full request lifecycle.

  3. 3

    Redact before sharing

    Goal: Preserve useful structure while removing private content.

    Do
    • Remove API keys, Authorization headers, private prompts, file contents, personal data, and proprietary tool arguments.
    • Keep protocol values, phase names, status codes, error types, and minimal structural snippets.

    Verify: A maintainer can understand the boundary failure without seeing private data.

Usually usefulAvoid or redact
ProxAI version, OS, command shape without secretsAPI keys, bearer tokens, full environment dumps
Inbound protocol and request pathFull prompts or private file snippets
Provider protocol and route name/pattern when sanitizedPrivate provider account details or internal URLs
Error type, HTTP status, preserved safe headers such as Retry-AfterFull upstream error bodies if they contain prompts or account data
Minimal JSON shape with placeholder valuesComplete captures unless explicitly reviewed and sanitized

For exact local paths and ignored artifacts, see Environment and Files. For phase names, see Capture Phases.