Privacy & Visibility

Every session, plan, skill, and project you push has a privacy level and an optional expiration.

Privacy levels

Public

Public sessions, plans, and skills appear on your profile page and are discoverable by anyone browsing the site. Public skills can also be pulled by other users via @username/skill references.

rn session push --public

Secret

Secret sessions, plans, and skills are only accessible via their direct URL. They don't appear on your profile or in any listing. Anyone with the URL can view them, but the URL contains a cryptographic nanoid that is not guessable.

rn session push --secret

This is the default.

Private

Private sessions, plans, and skills are only accessible to you. They don't appear on your profile, and anyone else visiting the URL sees a 404 — indistinguishable from non-existent content.

rn session push --private

To view private content in your browser, first log in with rn login to authenticate your browser session. Then use the open commands or visit URLs directly:

rn login
rn session open <id>
rn plan open <name>

The browser session lasts 30 days. You can log out at any time via the toolbar button on the site.

Default privacy

The default privacy level is secret. You can change this in your config:

[global]
privacy = "public"    # public, secret, or private

Or override per resource type:

[session]
privacy = "secret"

[plan]
privacy = "public"

The precedence is: CLI flag > resource-type config > global config > default (secret).

Project privacy ceiling

Projects act as a privacy ceiling for their contents. A private project hides all its sessions, plans, and skills from non-owners, regardless of individual item privacy levels. A public or secret project shows items according to their own privacy levels.

Project privacy Item privacy Visible to non-owners?
public public Yes
public secret Yes (via direct URL)
public private No
secret public Yes (via project URL)
private any No

Expiration

Set an expiration when pushing:

rn session push --expires 7d
rn plan push my-plan --expires 30d

Duration format

  • 1h — 1 hour
  • 24h — 24 hours
  • 7d — 7 days
  • 30d — 30 days
  • 365d — 1 year

What happens on expiry

When a session or plan expires, it becomes inaccessible. A background cleanup process permanently deletes expired content. The URL returns a 404.

Default expiration

Set a default in your config:

[global]
expires = "30d"       # all content expires in 30 days unless overridden

Or per resource type:

[session]
expires = "7d"

[plan]
expires = "90d"

If no expiration is set (and no default is configured), content persists until you delete it manually.

Updating metadata

You can change the privacy level of existing content with the CLI:

rn session set-privacy <id> <level>
rn plan set-privacy <name> <level>
rn skill set-privacy <name> <level>
rn project set-privacy <label> <level> [--recursive]

The --recursive flag on rn project set-privacy applies the privacy level to all sessions and plans in the project.

Changing a session's privacy cascades to any session-linked plans created by that session.

You can also update privacy and expiration through the API — see the API Reference for details.

← Authentication Configuration →
rockstar.ninja · docs · privacy