Y Combinator launched Paxel on June 5, 2026, a free tool that reads a developer's Claude, Codex, and Cursor sessions and returns a profile of how they build with AI. Within hours the launch had pulled in hundreds of thousands of analyzed sessions — and a pointed privacy debate over the headline claim that "your code never leaves your machine."
Key Highlights
- Free profiler from YC that analyzes AI coding sessions from Claude Code, Codex CLI, and Cursor
- Runs locally in Docker with results delivered by email in roughly 15–30 minutes
- Builder profile across five dimensions: steering, execution, engineering, product instinct, and planning
- Nearly 250,000 sessions uploaded and analyzed within the first day of launch
- Privacy backlash over the "code never leaves your machine" marketing line
Details
Paxel runs from a single command inside a Docker container on the user's own machine. It scans the local transcripts left behind by AI coding agents, then produces what YC calls a "builder profile" — a snapshot of how a developer works with AI across steering, execution, engineering, product instinct, and planning. The output includes archetype labels such as "The Architect" or "Night Owl," and the analysis takes roughly 15 to 30 minutes, after which the user receives results by email.
The tool is free, with YC covering the model costs, and it works across multiple machines tied to the same email login. Paxel tokens can also be linked to Startup School 2026 applications, positioning the tool as both a developer curiosity and a funnel into YC's programs. By the day after launch, the project page reported close to 250,000 sessions uploaded and analyzed.
The Privacy Question
YC's launch post promised that Paxel "runs locally inside Docker, and your code never leaves your machine." Security commentators quickly pushed back, arguing the blanket claim oversimplifies what the tool actually transmits.
According to Paxel's own privacy breakdown, working files and .env files stay on the device, but transcript excerpts are sent to Claude or GPT for summarization, and a final "small payload of scores, narratives, and redacted decisions" is uploaded to Y Combinator. The account International Cyber Digest argued that those excerpts are not abstract metadata: a tool-output snippet from a Read operation is literally file contents, and an Edit operation carries the code being changed. In other words, fragments of real source code do leave the machine — just not the entire repository.
The gap is between a marketing line and a more nuanced technical reality. Paxel does keep full files and secrets local and minimizes what it ships, but "your code never leaves your machine" is not strictly accurate when transcript excerpts containing source are sent to third-party models for summarization.
Impact
For developers, Paxel sits at an awkward intersection: a genuinely interesting product — quantifying how someone collaborates with AI agents — wrapped in a privacy promise that invites scrutiny. The episode is a reminder that AI coding agents now produce rich session logs, and those logs are themselves sensitive artifacts. Transcripts can contain proprietary code, internal file paths, credentials referenced in commands, and architectural decisions.
For teams in regulated industries or working under strict NDAs, the takeaway is to treat agent session transcripts as part of the attack surface. A tool that processes them locally is still sending derived excerpts to external models unless explicitly proven otherwise.
Background
The launch lands amid a broader wave of tools built around AI coding agent telemetry. Open-source projects already index and search local session history across providers like Codex, Claude, Gemini CLI, Cursor, and Aider, and the "Codex vs Claude Code" debate has been one of the most discussed developer topics of the week. Paxel is notable mainly because it comes from Y Combinator itself and ties directly into the accelerator's recruiting pipeline.
What's Next
Expect continued scrutiny of exactly what data crosses the network boundary, and likely clearer disclosures from YC if the criticism gains traction. More broadly, as session-analytics tools proliferate, "local-first" claims will need to specify precisely what is summarized, what is redacted, and which third-party models see the excerpts — because for AI coding agents, the transcript is the code.
Source: Y Combinator — Paxel