Visibility & sharing
Every session has an owner and a visibility setting. This page covers the three visibility values, how the default is chosen, and how to share an individual session with specific teammates.
The three values
Section titled “The three values”| Value | Who can see it |
|---|---|
private | Only the owner. |
org_public (default) | Anyone in the GitHub org that owns the repo, if the repo is recognised as an org repo. Falls back to private for personal repos or repos outside a recognised org. |
public | Anyone signed in to the tenant. |
org_public is the recommended default. It opens up sessions to teammates by repo membership while keeping your personal scratch work private.
Setting your default
Section titled “Setting your default”The default applies to every new session you create:
kapacitor config set default_visibility privatekapacitor config set default_visibility org_publickapacitor config set default_visibility publicRun kapacitor config show to see the current value.
Overriding a single session
Section titled “Overriding a single session”From the dashboard, click the share icon on a session’s detail view. The share popover offers three rows:
- Org members — collapse to
org_public(the default for new sessions). - Teams & people — pick specific GitHub teams or individuals from your org. The picker is backed by team and member data synced from GitHub every 15 minutes.
- Private — collapse to owner-only.
Scoped grants (teams or individuals) are visible in addition to the default org/public visibility, not instead of it. A private session shared with a team is visible to the owner and that team — nobody else.
There is no CLI equivalent for the team/individual share picker — that’s dashboard-only because it needs the team list.
kapacitor hide: mark a session private from the terminal
Section titled “kapacitor hide: mark a session private from the terminal”kapacitor hide is the CLI shortcut for collapsing a session to owner-only. It’s the right tool when you’ve just realised the session you’re running (or just finished) contains something you don’t want teammates to see.
kapacitor hide # current session (resolved from $KAPACITOR_SESSION_ID)kapacitor hide <sessionId> # a specific session by ID or meta-slugWithout an argument, hide resolves the current session from the environment — the same variable the in-agent skills use, set by Claude or Codex hooks when a session starts. So kapacitor hide from inside a Claude session always means “this one”.
What it does:
- Sets the session’s visibility to
private. - Existing viewers lose access on their next dashboard refresh (the live update pushes a permissions-change event).
- Future events on the session (the agent is still running) continue to be captured. Only the visibility changes; recording is untouched.
What it doesn’t do:
- It doesn’t delete anything. The session is still in your tenant; you (and only you) can still open it. Use
kapacitor disableif you want the data gone — see the next section. - It doesn’t propagate to continuation chains automatically. If a session was compacted into a new one, hide each segment individually (or use the meta-slug, which targets all linked sessions).
To reverse a hide, use the dashboard’s share popover — there’s no kapacitor unhide. From the popover, switch the session back to Org members or Public.
Stop recording entirely
Section titled “Stop recording entirely”If hiding a session isn’t enough — say, the agent accidentally pulled in a credentials file and you want the data off the server — use kapacitor disable:
kapacitor disable # current sessionkapacitor disable <sessionId> # specific sessionThis stops the watcher, silences future hooks for that session, and deletes the server-side data. The local transcript file (Claude’s .jsonl or Codex’s rollout) is untouched. The action is irreversible on the server.
Quick comparison:
| Command | Effect | Reversible? |
|---|---|---|
kapacitor hide | Mark session private (owner-only) | Yes, via the share popover |
kapacitor disable | Delete server-side data, stop recording | No |
Reach for hide first. Use disable only when you’re sure the data shouldn’t exist on the server at all.
Excluding repos from capture entirely
Section titled “Excluding repos from capture entirely”If a repo should never be recorded — say, a personal diary or a client project under NDA — exclude it at the CLI level so hooks skip it silently before any data is sent:
# By git remotekapacitor config set excluded_repos "myorg/secret-project,personal/diary"
# By path on diskkapacitor ignore . # ignore current directorykapacitor ignore ~/code/secret-projectkapacitor ignore --listkapacitor ignore --remove ~/code/secret-projectexcluded_repos matches the git remote; kapacitor ignore matches the working directory and its subtrees. Use the path-based form for scratch dirs, worktrees, or monorepo subtrees that don’t have a distinct remote.
Path exclusions are per-profile, so switching profiles with kapacitor use switches the ignore list too.
Related
Section titled “Related”- The dashboard — finding the share popover.
- CLI > Configuration & profiles — full config key reference.