We separate two kinds of data. Invocation telemetry tells us which CLI and command ran. Scan-result contribution tells the registry which package you scanned and what the verdict was. They have different consent shapes, and this page describes both.
Two buckets, two consent shapes.
Invocation telemetry (which CLI, which command, which version, which OS) is on by default. It collects no package names, no scan content, and no personally identifiable information. Disable any time with OPENA2A_TELEMETRY=off.
Scan-result contribution (the package you scanned + verdict + finding counts) is opt-in only. It is requested explicitly the first time you run a local scan and persists your choice. Disable a single scan with --no-contribute.
Invocation telemetry says “this CLI was used.” Scan-result contribution says “this is what the user is investigating.” Folding both into a single consent surface hides a boundary that matters under GDPR, SOC2, and FedRAMP, and we treat them as two separate decisions.
| Bucket | What we collect | Consent | Disable |
|---|---|---|---|
| Invocation telemetry | Tool name + version, command run, OS, timestamp. No package names, no scan content. | Default-on, opt-out | OPENA2A_TELEMETRY=off or hackmyagent telemetry off |
| Scan-result contribution | Package name + version + scan findings + verdict. Names what you scanned. | Opt-in (prompted on first local scan; choice persists) | --no-contribute |
| Author publish | Full scan + narrative, for a package the author explicitly publishes. | Explicit (secure --publish) | Don’t pass the flag |
When you opt in to scan-result contribution, the following metadata is sent to the OpenA2A Registry per scan:
| Field | Example | Purpose |
|---|---|---|
| Package name | @modelcontextprotocol/server-filesystem | Identify which package was scanned |
| Package version | 2024.10.14 | Track security across versions |
| Scan severity counts | critical: 0, high: 1 | Aggregate community trust scores |
| Scan verdict | safe, warning | Aggregate community health metrics |
| Behavioral metrics | fileCount: 42 | Detect anomalous package behavior |
| Timestamp | 2026-04-28T16:00:00Z | Time-series analysis |
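The field table above is an allowlist: anything not in it must never leave the machine. The following is an added example (not OpenA2A's own code) of how a CLI can enforce that boundary at the point where the two payloads are built. The `severityCounts`/`behavioralMetrics` key names, the shape of the scan result, and the sample scan are assumptions constructed for the example; the field set itself follows the table.

```javascript
// Added example, not the project's code. Build the two payloads from an
// explicit allowlist and refuse to transmit anything outside the documented
// field set. Key names and the scan-result shape are assumptions.

// Fields documented for scan-result contribution (one row each in the table).
const CONTRIBUTION_FIELDS = new Set([
  'packageName', 'packageVersion', 'severityCounts',
  'verdict', 'behavioralMetrics', 'timestamp',
]);

// Fields documented for invocation telemetry: no package names, no scan content.
const INVOCATION_FIELDS = new Set(['tool', 'version', 'command', 'os', 'timestamp']);

// Guard run right before a send: a payload carrying any key outside the
// documented set is a bug, so it is rejected rather than quietly trimmed.
function assertMinimal(payload, allow) {
  for (const key of Object.keys(payload)) {
    if (!allow.has(key)) throw new Error(`field not in documented set: ${key}`);
  }
  return payload;
}

// Findings are reduced to integer counts per severity so that no finding
// text, file path or rule id rides along with the count.
function severityCounts(findings) {
  const counts = { critical: 0, high: 0, medium: 0, low: 0 };
  for (const f of findings) {
    if (f.severity in counts) counts[f.severity] += 1;
  }
  return counts;
}

// Scan-result contribution: only the table's fields are copied out of the
// (much richer) local scan result.
function buildContribution(scan) {
  return assertMinimal({
    packageName: scan.packageName,
    packageVersion: scan.packageVersion,
    severityCounts: severityCounts(scan.findings),
    verdict: scan.verdict,
    behavioralMetrics: { fileCount: scan.fileCount },
    timestamp: scan.timestamp,
  }, CONTRIBUTION_FIELDS);
}

// Invocation telemetry: which tool and command ran, nothing about the package.
function buildInvocation(ctx) {
  return assertMinimal({
    tool: ctx.tool,
    version: ctx.version,
    command: ctx.command,
    os: ctx.os,
    timestamp: ctx.timestamp,
  }, INVOCATION_FIELDS);
}

// Constructed sample: a local scan result holds far more than the registry
// should ever see (working directory, finding messages, file paths).
const SAMPLE_SCAN = {
  packageName: '@modelcontextprotocol/server-filesystem',
  packageVersion: '2024.10.14',
  verdict: 'warning',
  fileCount: 42,
  timestamp: '2026-04-28T16:00:00Z',
  rootPath: '/home/alice/projects/agent',        // must never be sent
  findings: [
    { severity: 'high', file: 'src/tool.js', message: 'spawns a shell' },
  ],
};

// Returns true if a serialized payload contains any of the local-only values.
function leaksLocalData(payload) {
  const wire = JSON.stringify(payload);
  return wire.includes(SAMPLE_SCAN.rootPath) || wire.includes('spawns a shell');
}
```

The value of the guard is that a future field added to the local scan result cannot reach the registry by accident: it has to be added to the allowlist, which is the same act as updating the table on this page.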
Neither bucket collects any of the following:
After you have opted in to scan-result contribution, the CLI does not print a per-scan banner, queue notice, or “sent-to-registry” line on subsequent scans. Once you have consented, repeating the disclosure on every run trains users to ignore CLI output and feels surveillance-y even when consent is in place. The disclosure is on --help and on this page; the consent prompt itself fires once.
The silent rule does not apply to:

- --verbose or debug flags.
- secure --publish, which prints a result line by design because the user explicitly asked.

Both buckets flow over TLS 1.3 to api.oa2a.org. Invocation telemetry rolls up into anonymous usage metrics. Scan-result contributions land in the registry’s anonymous tier and are aggregated into community trust scores. No raw scan data is stored beyond the field set above.
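The two consent decisions described at the top of this page (default-on invocation telemetry with OPENA2A_TELEMETRY=off, opt-in scan-result contribution with a one-time prompt, --no-contribute per scan) and the silent rule above fit in one small decision function. The following is an added example, not OpenA2A's own code; the environment variable and flag names come from this page, while the shape of the persisted choice and the rule that --no-contribute also skips the first-run prompt are assumptions.

```javascript
// Added example, not the project's code. Resolves both consent decisions.
// OPENA2A_TELEMETRY and --no-contribute are from the page; the persisted
// choice shape (undefined = never asked, true/false = answered) is assumed.

// Invocation telemetry: on unless OPENA2A_TELEMETRY=off (case-insensitive).
function invocationEnabled(env) {
  const v = String(env.OPENA2A_TELEMETRY || '').trim().toLowerCase();
  return v !== 'off';
}

// Scan-result contribution.
//   saved:        persisted choice from earlier runs
//   noContribute: --no-contribute for this scan only
//   isLocalScan:  the prompt only fires on a local scan
//   answer:       what the user said if prompted this run (assumption: default no)
//   verbose:      --verbose, which re-enables per-scan output
// Returns { send, prompt, notice, saved }: whether to send, whether the
// one-time prompt fires, whether to print a per-scan line, and the choice
// to persist (never changed by --no-contribute).
function resolveContribution({ saved, noContribute = false, isLocalScan = true, answer, verbose = false }) {
  if (!isLocalScan) return { send: false, prompt: false, notice: false, saved };

  let next = saved;
  let prompt = false;
  // First local scan: ask once and persist. Assumption: --no-contribute on the
  // very first scan skips the prompt and leaves the choice unanswered.
  if (saved === undefined && !noContribute) {
    prompt = true;
    next = answer === true;
  }

  const send = next === true && !noContribute;
  // Silent rule: once consent exists, no per-scan banner unless --verbose.
  const notice = send && verbose;
  return { send, prompt, notice, saved: next };
}

// Convenience: apply both decisions to one run and report what happens.
function planRun(env, opts) {
  return {
    invocation: invocationEnabled(env),
    contribution: resolveContribution(opts),
  };
}
```

Keeping `saved` out of the --no-contribute path is the property worth testing: a per-scan skip must not silently revoke (or grant) the persisted choice, otherwise the "choice persists" promise in the table breaks.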
Disable invocation telemetry — works on every OpenA2A CLI:
Per-CLI subcommands also work where supported, e.g. hackmyagent telemetry off, ai-trust telemetry off.
Skip scan-result contribution for one scan:
Check current status:
Inspect what would be sent — pass --verbose to surface telemetry debug output:
Request data deletion:
Every line of code that handles telemetry is open source. You can audit exactly what each bucket sends:
Questions about data transparency or this policy? Reach out: