Trunk Tools

Trunk Tools shows mixed risk signals with strong security practices (SOC 2 Type II) but concerning data rights terms. While they don't access source code directly, they collect extensive test data and grant themselves broad perpetual licenses to user content. The privacy policy is consumer-focused and lacks enterprise-specific protections, though they do provide clear data retention periods and deletion rights.