You think your AI is just helping you write code. In reality, it's built a logging system on your machine that you never knew existed.
Every conversation. Every code snippet. Every file path. Every time you asked "what was my password again?" β permanently archived, without your knowledge.
I was about to sell my old laptop and decided to clean up my data first. I opened Claude Code's config directory β ~/.claude/
β intending to just remove my API key.
Then I saw this:
history.jsonl 243 KB / 695 lines
sessions/ conversation metadata
session-env/ environment variables
shell-snapshots/ command execution snapshots
telemetry/ 63 telemetry files
projects/ 19 project directories
ββ interview-prep/ 31 sessions / 20 MB
ββ spring-ai/ 11 sessions / 13 MB
ββ ... 17 more
I thought I was just writing code. My computer thought it should record everything.
695 entries. Every single thing I typed into Claude Code. Including:
/model
, "who are you?", and project pathYou casually ask about a password once. It's permanently stored.
If you think history.jsonl
only storing user input isn't so bad β you haven't seen this yet.
Inside ~/.claude/projects/
, every project directory contains .jsonl
files. Opening one 2.3 MB session file:
| Content | Count |
|---|---|
| AI responses | 590 |
| AI internal thinking blocks | 272 |
| Tool calls | 101 |
| Tool call results (including file paths) | 100 |
| File history snapshots | 208 |
Every conversation. Every AI response. Every internal reasoning step. Every file operation β what was read, what was modified, what was executed β all written to this file.
Your system PATH. Installed tools. Java version. All sitting in command snapshots.
The buyer doesn't need forensic tools. If your hard drive wasn't thoroughly wiped, free recovery software can restore these files.
What they can reconstruct:
| They can learn | From |
|---|---|
| Your real name | PDF filenames in project paths |
| What projects you built | 19 project directory names |
| What passwords you asked about | history.jsonl entries |
| Your code logic | Pasted code snippets |
| What tools you use | shell-snapshots PATH entries |
| Everything you told your AI | 695 full history entries |
A digital autobiography. Written by you.
Cursor. Cline. Windsurf. It doesn't matter which AI coding tool you use β if it can execute operations on your machine, it can store things somewhere.
| What you don't know | What's happening by default |
|---|---|
| Where conversations are stored | They're being stored |
| How long they're kept | Forever |
| Whether there's a delete option | There is β you just never saw it |
A complete cleanup checklist:
| # | Action | What it cleans |
|---|---|---|
| 1 | Delete the entire ~/.claude/ directory |
|
| Conversations, config, API keys | ||
| 2 | Delete .claude/ in every project directory |
|
| Project-level permissions and config | ||
| 3 | Delete %APPDATA%\Claude Code\ |
|
| Application cache | ||
| 4 | Run cipher /w:C: to overwrite free space |
|
| Prevent disk recovery | ||
| 5 | Reset Windows (remove everything) | Most thorough |
But the fundamental problem: you never knew these files were being generated, so you'd never think to delete them.
AI coding tools run two parallel systems on your computer:
| What you see | What you don't see |
|---|---|
| Helping you write code | Recording every line you write |
| Answering your questions | Archiving every question you ask |
| Exploring your codebase | Logging every file path |
| Running your commands | Saving every output |
This isn't the AI's fault. It's that the default behavior was never disclosed to you.
ChatGPT's web interface has conversation history β you know it's there. WeChat has chat logs β you know they exist. But Claude Code stored 43 MB of conversation data in a local directory β and you never knew, because it never told you.
| Level | Action |
|---|---|
| Daily | Periodically delete old JSONL files in ~/.claude/projects/ |
| End of project | Check for .claude/ directories in project folders |
| Selling hardware | Follow the 5-step cleanup checklist above |
| Always | Never paste passwords, tokens, or real sensitive data into AI conversations |
AI coding tools are iterating fast. They'll get more powerful, more useful, more ubiquitous. But one thing won't improve on its own:
They won't start telling you β every conversation you have is being archived.
That's not a bug. That's the design.
But now you know.
First article in the "AI Tool Privacy" series. Next: a cross-tool comparison of Cursor, Cline, Windsurf, and Aider.