№ 04 — transparency

Every byte we
could ever ask for,
documented.

WebLoom's engine is open source and runs on your machine. By default it phones home never. You can opt in to send anonymous tool stats so the community immune system has signal to fix bugs before they hit you — but that's your call, and the toggle is permanent, not a dark pattern.

the promise

Default OFF. Fresh engine installs send zero telemetry. You opt in explicitly. No silent toggles, no "we changed defaults in v0.5", no buried checkboxes during install.

Open source. The engine, the telemetry function, the receiving endpoint, and the database schema are all in public repos. You can read the exact line of code that decides what gets sent.

No penalty for opting out. Opt-out engines get every Thread fix, every engine update, every auto-heal on the same 6-hour tick as opt-in engines. The only thing you don't do is contribute signal back. You're protected by the network; you're just not visible to it.

what we collect

only
if you
opt in

{
  "tool":           "x_create_tweet",       // which engine tool ran
  "ok":             true,                   // success / failure
  "error_class":    null,                   // generic error category if failed
  "duration_ms":    412,                    // how long it took
  "engine_version": "0.4.2",                // engine build
  "anon_id":        "a8f3c2d1",             // random per-install, no identity link
  "ts":             1779470305              // unix timestamp
}

That is the entire payload. Nothing else gets sent. Ever.

what we never collect
  • URLs you visit — not domain, not path, not query
  • Page content — no scraped data, no DOM, no screenshots
  • Post / tweet / message text — never seen, never sent
  • Cookies, session tokens, ct0, auth headers — stays on your machine
  • Browser fingerprint, IP address (we drop it server-side), user agent
  • Account names, emails, real identity, billing info from Polar
  • Anything that could be used to deanonymize an anon_id
the admin boundary

even
WebLoom's
own admins
can't see
per-user trails

People asked: "If telemetry is opt-in, can WebLoom admins see what every user is doing on which sites?" No. That kind of visibility would be surveillance, not transparency — even with consent — because domain choice alone is identity-leaking on niche sites.

what admins CAN see
  • Aggregate tool runs per day (e.g. "x_create_tweet ran 1,247 times today, 96% success")
  • Top failing tool classes per engine version (drives fixes)
  • Engine versions in flight (helps gate auto-update rollouts)
  • Distribution of error_class strings (e.g. "timeout", "selector_not_found")
what admins CANNOT see
  • Any single anon_id's history (the schema has no per-anon view by design)
  • Which domains a specific install touched (no domain column on engine_telemetry)
  • Per-action trails of who did what when
  • Anything that could reverse-link an anon_id to a real identity

What Thread authors see is even narrower: aggregate stats on the Threads they published, counted per action descriptor. They never see which install ran which action. That boundary is enforced at the query layer, not just the UI.

why opt in

The web breaks every day. X ships new anti-replay headers. LinkedIn renames a CSS class. Reddit changes a selector. When 200 buyers silently hit the same error at the same moment, that's a signal — we can ship a fix in hours instead of waiting weeks for someone to file a GitHub issue.

Opt-in telemetry turns every WebLoom installation into a node of a community immune system. You get fixes faster. Authors get evidence of what's breaking. The network gets stronger every day.

The trade is real but small: we see {tool, ok, ms}from your runs. In exchange, the engine you're using gets sharper every time anyone else uses theirs.

verify everything
The telemetry function in the enginegithub ↗

grep for _send_telemetry — that's every byte that leaves your machine

The receiving endpointgithub ↗

see exactly what hits the server and what gets stored

The Supabase schemagithub ↗

the database table, the indexes, the retention policy

how to toggle
opt in
webloom telemetry on
opt out (default)
webloom telemetry off
preview what you'd send
webloom telemetry preview

Runs locally. Prints the next payload to stdout. Sends nothing.

Read the code,
then decide.
DocsAbout the engine →