HSHSKY Lab
tutorials11 min read

Can Your Employer See What You Do in Claude Code? What Admins Actually See (2026)

Used a company Claude account for a side project? Exactly what admins can see — your usage vs your prompts vs your repo — plus the IP risk nobody mentions.

In-Article Ad — Replace with ad code after approval

A question that keeps coming up — loudly — is some version of this one, posted almost word-for-word in two big subreddits on the same day: "I used my company Claude account while coding on my personal GitHub repo — can my employer see it?" Hundreds of replies, and they split into two very different answers that people kept talking past each other about.

I run Claude Code every day, so I dug through what the actual admins in those threads said, then checked each claim against Anthropic's own docs. The short version: the visibility answer is more reassuring than the panic suggests — but the reason everyone should still care has almost nothing to do with what an admin can see on a dashboard.

The short answer, in one table

WhatCan a company admin see it?
That you used Claude Code, when, and how many tokens / dollarsYes — always, on every Team or Enterprise plan
Lines of code accepted, accept rate, general usage patternsYes — standard analytics
The actual text of your prompts and Claude's repliesNot by default — only if your company turned on content logging or routes you through its own proxy
The code and files you pasted into the CLINot by default — Claude Code transcripts live on your machine
Which personal GitHub repo you pushed toNo — Claude doesn't see or report your git remote
Your claude.ai web/app chats on the company accountYes, on Enterprise — those are retrievable, unlike the CLI

The rest of this explains where each line comes from, because the nuances are exactly where people get it wrong.

What admins see by default: your usage, not your work

Every Team and Enterprise plan gives admins a usage dashboard. Per Anthropic's own admin-controls announcement, that means "lines of code accepted, suggestion accept rate, and usage patterns," plus spend — admins can "set spending limits at the organization and individual user level." Both Team and Enterprise include seat management, spend caps, and Claude Code usage analytics.

So the moment you log in with a company account, you show up. One admin in the thread put it bluntly: "As soon as you connect it shows up. I've had to reach out to some engineers to warn them." They can see that you used it, when, and how much it cost — because that's exactly what a FinOps dashboard is for.

Note

Usage is per-seat, not blended into an anonymous pool. On both Team and Enterprise plans, token counts and cost report against your user, so "it'll get lost in the company total" is wishful thinking. This is the same per-user token accounting that drives the usage limits and spend caps on any paid plan.

What they can't see by default: your prompts and your code

Here's the part that surprises people, including some of the admins arguing about it. On a standard setup, a company admin cannot read your Claude Code prompts or the code you pasted in. Two independent facts back this up.

Claude Code telemetry is off by default, and content is redacted even when it's on. Anthropic's monitoring docs are explicit: telemetry is disabled unless someone sets CLAUDE_CODE_ENABLE_TELEMETRY=1, and even with it on, prompt and response content is gated behind separate flags (OTEL_LOG_USER_PROMPTS, OTEL_LOG_ASSISTANT_RESPONSES, OTEL_LOG_TOOL_CONTENT). The docs state that spans "redact user prompt text, tool input details, and tool content by default" — the recorded value is literally <REDACTED> unless the gate is opened. By default only prompt length is captured, not the text.

The Enterprise Compliance API doesn't reach the CLI. This is the one that ends the argument. Enterprise admins have a Compliance API that can retrieve conversation content — but read the scope carefully: "The content endpoints (chats, files, projects, and project attachments) serve claude.ai data only." Claude Code and API workloads aren't claude.ai data. The Activity Feed logs metadata — who did what, when — but the actual prompt-and-code content of a CLI session isn't in there. As one enterprise admin in the thread corrected another: "Claude Code CLI is different: its session transcripts are stored locally, and detailed organization-wide logging of prompts, tool calls, and code requires configured OpenTelemetry or a gateway."

There's a genuinely counterintuitive consequence here: the claude.ai web app and desktop chats on a company Enterprise account are more exposed than the Claude Code CLI, because those chats live in claude.ai and the Compliance API can pull them. If you were worried about the terminal, the browser tab was the bigger tell.

The three ways a company can read your prompts

"Not by default" is not "never." If your employer has done any of the following, assume your prompts and code are visible:

  1. Managed telemetry with content logging turned on. Admins can push settings to every machine via a managed settings file distributed through MDM, and "environment variables defined in the managed settings file have high precedence and can't be overridden by users." If they set OTEL_LOG_USER_PROMPTS=1 and point the exporter at their collector, your prompts flow out with every session. Users in the thread report you get a notice after login when a managed telemetry config is present — so if you saw one, take it at face value.
  2. A proxy or gateway they own. Plenty of larger shops route all model traffic through their own proxy (or Bedrock/Vertex). "We proxy all requests to all different models through a proxy we own and can inspect," one commenter noted. "Claude dashboard wouldn't show us, but our proxy would." Anthropic's redaction defaults are irrelevant when the request never touches Anthropic's logging path first.
  3. The claude.ai surface, not the CLI. Covered above — if you did the work in the web app or desktop client rather than the terminal, Enterprise compliance tooling can retrieve it.

Warning

Don't reverse-engineer your safety from "they probably didn't set that up." A managed OTEL config or a corporate proxy is invisible to you mid-session unless you go looking for the login notice or inspect your outbound traffic. If the account is your employer's, treat the prompts as potentially logged.

Your personal GitHub repo is a separate question

The specific fear in the original post — can they see my personal repo? — is the easy part. Claude Code doesn't know or report which git remote you pushed to; that push goes from your machine to your account and doesn't round-trip through Anthropic. As one admin summed it up: "the github push is separate, claude doesnt see or report which repo you pushed to, so that part stays on your personal account."

The real repo risk runs the other direction, and it's worse. If you connect a personal GitHub account to an enterprise Claude setup — or get sloppy about which identity is active — you can end up pushing employer code to your personal repo. Depending on the industry, leaking your company's IP into a public-ish personal account is a far bigger problem than a few hundred tokens of personal usage. Don't cross the streams.

The bigger problem no dashboard shows: who owns the code

Now the part the whole "can they see it" debate mostly misses. In both threads, the top-voted concern wasn't surveillance — it was ownership.

I'm not a lawyer and this isn't legal advice, but the recurring point is worth understanding: many employment contracts include invention-assignment or IP clauses that hand your employer rights to work created using company resources — and a paid company Claude seat is a company resource. Whether an admin actually watched you in real time is beside the point; contract law doesn't require them to have been looking. If a side project you built on the company account ever becomes valuable, that clause is what a company would reach for.

The catch is that this is heavily jurisdiction- and contract-dependent. Commenters described the full range: US folks noting that "adjacent to the company's line of business" can be read broadly; someone under UK law arguing such a claim is "illegal and unenforceable unless you used company resources"; California's own wrinkles; and companies that explicitly encourage using the company Claude for personal projects to build skills. The only way to know your situation is to read your own contract and employee handbook — and if real money is on the line, ask an actual lawyer.

Tip

The clean rule that sidesteps all of this: keep a strictly separate personal Claude subscription, on your own machine, for anything you might ever want to own or monetize. "Different hardware, software, and accounts" is the boundary the people who've been burned kept coming back to.

What I'd actually do

  • Going forward: personal projects on a personal account and a personal machine. Company account for company work. No exceptions worth the ambiguity.
  • If you already did it once, for genuinely personal use: practically, almost nobody is going to care about a one-off token spend. But don't build on top of it. If you want to keep the project, rebuild the meaningful parts on your own account so its provenance is clean, and don't reuse the company-generated code.
  • If it might have real value, or you're in a strict/regulated shop: the thread's most level-headed advice was to get ahead of it — "'fess up and offer to reimburse the costs" beats having it surface later and getting read as misuse of resources. Check your handbook first.

This part can shift

The mechanics above — telemetry off by default, content redacted unless gated, Compliance API scoped to claude.ai, per-seat usage always visible — are documented behavior as of mid-July 2026. But admin controls and compliance tooling are an area Anthropic ships into constantly, and your own company's configuration is the bigger variable anyway. Before betting anything important on "they can't see it," check the current monitoring and compliance docs, and — if it matters — ask your admin what's actually enabled.

FAQ

Can my employer see my Claude Code prompts?

Not on a default setup — Claude Code telemetry is off unless enabled, prompt content is redacted even when it's on, and the Enterprise Compliance API's content export covers claude.ai chats, not the CLI. They can if your company configured managed telemetry with content logging (OTEL_LOG_USER_PROMPTS) or routes traffic through its own proxy. Assume the latter if the account is your employer's.

What can a company admin actually see, then?

Your usage: that you used Claude Code, when, how many tokens, and the cost — plus analytics like lines of code accepted and accept rate. That's standard on every Team and Enterprise plan and reports per user, not anonymously.

Can they see which personal GitHub repo I pushed to?

No. Claude Code doesn't see or report your git remote; the push goes from your machine to your account. The real risk is the reverse — accidentally pushing employer code to a personal repo.

Is the Claude web app safer than the CLI on a company account?

It's the opposite. On Enterprise, claude.ai web and desktop chats are retrievable through the Compliance API, while Claude Code CLI transcripts stay local by default. The terminal is the more private surface here.

Could my company claim ownership of a side project I built on the company account?

Possibly — many contracts assign IP created "using company resources," and a paid company seat counts. It's jurisdiction- and contract-dependent, and this isn't legal advice. Read your employment contract and handbook; if the project has real value, talk to a lawyer.

Bottom Line

Take a breath: on a normal setup, no admin is reading your Claude Code prompts or watching which repo you pushed to. What they can always see is that you used the account and what it cost — and if your company runs managed telemetry or a proxy, the content is on the table too. But the question that actually matters isn't surveillance, it's ownership: building a personal project on a company-paid seat can hand your employer a claim to it, whether or not anyone was watching. Keep a separate account on your own machine for anything you want to keep, and the whole problem disappears.

In-Article Ad — Replace with ad code after approval

Tags

claude codeprivacyenterpriseadmintutorial
H

Written by HSKY

Developer writing about AI coding tools — Claude Code, Cursor, agents, and the workflows that make them work.