Agentic Engineering: What Do AI Coding Tools Do With Your Code?

In the first post of this five-part series, I wrote about the LLMs I currently like to use for Angular development. In the second post, I looked at the apps and harnesses around those models: Codex, Claude desktop app, Cursor, Antigravity, VS Code, WebStorm, and a few more. In the third post, I focused on money: subscriptions, API costs, enterprise plans, token usage, reasoning levels, and cost control. I originally planned to squeeze all of this into that costs post, but it quickly became too much for one article, so both topics now get their own. This fourth part is about the less comfortable question behind all of that:

What do we actually share when we use agentic coding tools?

This is where pricing, privacy, enterprise rules, EU regulations, and the very common sentence "We are not allowed to use AI here" all meet.

Is our code safe?

Before I dive in, the usual disclaimer: this is not legal advice, not procurement advice, and not a replacement for your company's security review by an expert. It is my practical view as an Angular builder and coach who cares about using agentic coding professionally without pretending that data protection is somebody else's problem.