Documentation — Spybara

guides/prompt-caching.md +4 −4

Details

129 129

1306. **Does Prompt Caching work on Zero Data Retention requests?**1306. **Does Prompt Caching work on Zero Data Retention requests?**

131 131

132 In-memory cache retention is Zero Data Retention eligible.132 In-memory cache retention does not save any data to disk.

133 If you specify extended caching in the request, then that request is not considered Zero Data Retention eligible because the key/value tensors may be held in GPU-local storage, and the key-value tensors are derived from customer content.133 Extended prompt caching may store key/value tensors in GPU-local storage, and the key-value tensors are derived from customer content. This data is not retained beyond cache expiration -- the key-value tensors are retained for 1-2 hours (most usage) and at most 24 hours.

134 However, the extended caching request will not be blocked if Zero Data Retention is enabled for your project. The other Zero Data Retention still applies, such as excluding customer content from abuse logs and preventing use of `store=True`.134 Extended prompt caching requests are not blocked if Zero Data Retention is enabled for your project. Other Zero Data Retention still applies, such as excluding customer content from abuse logs and preventing use of `store=True`.

135 See the [Your data](https://developers.openai.com/api/docs/guides/your-data) guide for more context on Zero Data Retention.135 See the [Your data](https://developers.openai.com/api/docs/guides/your-data) guide for more context on Zero Data Retention.

136 136

1377. **Does Prompt Caching work with Data Residency?**1377. **Does Prompt Caching work with Data Residency?**

138 138

139 In-memory Prompt Caching is compatable with all Data Residency regions.139 In-memory Prompt Caching is compatable with all Data Residency regions.

140 140

141 Extended caching is only compatible with Data Residency regions that include Regional Inference.

141 Extended caching temporarily stores data on GPU machines and will only be kept in-region when using Regional Inference.

guides/tools-shell.md +163 −17

Details

307- Request-level `network_policy` further restricts access.307- Request-level `network_policy` further restricts access.

308- Requests fail if `allowed_domains` includes domains outside your org allow list.308- Requests fail if `allowed_domains` includes domains outside your org allow list.

309 309

310## Data retention and container lifecycle

311

312Hosted containers used by Hosted Shell and Code Interpreter may write temporary application state to the container filesystem (backed by ephemeral block storage) while the container is active. Container data is deleted when the container expires or is explicitly deleted.

313

314For more details on data controls, see [ZDR and data residency](https://developers.openai.com/api/docs/guides/your-data).

315

316### Download artifacts

317

318Hosted shell can produce downloadable files. Use the same container/files APIs as code interpreter to retrieve artifacts written under `/mnt/data`.

319

320### Additional data controls

321

322If you want to keep content and files ephemeral within the hosted lifecycle, you can inline files in the request and mount inline skills in the container.

323

324Use inline files and inline skills

325

326```javascript

327import fs from "fs";

328import OpenAI from "openai";

329

330const client = new OpenAI();

331

332const inlineZip = fs.readFileSync("csv_insights.zip").toString("base64");

333const reportCsv = fs.readFileSync("report.csv").toString("base64");

334

335const container = await client.containers.create({

336 name: "inline-skill-container",

337 skills: [

338 {

339 type: "inline",

340 name: "csv-insights",

341 description: "Summarize CSV files and produce a markdown report.",

342 source: {

343 type: "base64",

344 media_type: "application/zip",

345 data: inlineZip,

346 },

347 },

348 ],

349});

350

351const response = await client.responses.create({

352 model: "gpt-5.4",

353 tools: [

354 {

355 type: "shell",

356 environment: {

357 type: "container_reference",

358 container_id: container.id,

359 },

360 },

361 ],

362 input: [

363 {

364 role: "user",

365 content: [

366 {

367 type: "input_file",

368 filename: "report.csv",

369 file_data: \`data:text/csv;base64,\${reportCsv}\`,

370 },

371 {

372 type: "input_text",

373 text: "Use the csv-insights skill to summarize report.csv.",

374 },

375 ],

376 },

377 ],

378});

379

380console.log(response.output_text);

381```

382

383```python

384import base64

385from openai import OpenAI

386

387client = OpenAI()

388

389with open("csv_insights.zip", "rb") as f:

390 inline_zip = base64.b64encode(f.read()).decode("utf-8")

391

392with open("report.csv", "rb") as f:

393 base64_string = base64.b64encode(f.read()).decode("utf-8")

394

395container = client.containers.create(

396 name="inline-skill-container",

397 skills=[

398 {

399 "type": "inline",

400 "name": "csv-insights",

401 "description": "Summarize CSV files and produce a markdown report.",

402 "source": {

403 "type": "base64",

404 "media_type": "application/zip",

405 "data": inline_zip,

406 },

407 }

408 ],

409)

410

411response = client.responses.create(

412 model="gpt-5.4",

413 tools=[

414 {

415 "type": "shell",

416 "environment": {

417 "type": "container_reference",

418 "container_id": container.id,

419 },

420 }

421 ],

422 input=[

423 {

424 "role": "user",

425 "content": [

426 {

427 "type": "input_file",

428 "filename": "report.csv",

429 "file_data": f"data:text/csv;base64,{base64_string}",

430 },

431 {

432 "type": "input_text",

433 "text": "Use the csv-insights skill to summarize report.csv.",

434 },

435 ],

436 }

437 ],

438)

439

440print(response.output_text)

441```

442

443

444For follow-up requests, pass the same `container_id` with `container_reference`. The mounted skills and existing container files remain available while the container is active.

445

446### Proactively delete a container

447

448You can explicitly delete the container when the work is done instead of waiting for inactivity expiration.

449

450Delete a container

451

452```javascript

453import OpenAI from "openai";

454

455const client = new OpenAI();

456

457const deleted = await client.containers.delete("container_id");

458

459console.log(deleted);

460```

461

462```python

463from openai import OpenAI

464

465client = OpenAI()

466

467deleted = client.containers.delete("container_id")

468

469print(deleted)

470```

471

472

310## Domain secrets473## Domain secrets

311 474

312Use `domain_secrets` when a domain in your `allowed_domains` list requires private authorization headers, such as `Authorization: Bearer <token>`.475Use `domain_secrets` when a domain in your `allowed_domains` list requires private authorization headers, such as `Authorization: Bearer <token>`.

458```621```

459 622

460 623

461## Download artifacts

~~462~~

463Hosted shell can produce downloadable files. Use the same container/files APIs as code interpreter to retrieve artifacts written under `/mnt/data`.

~~464~~

465### Data retention and container lifecycle

~~466~~

467Hosted shell runs in OpenAI-hosted containers. If your org or project enables Zero Data Retention (ZDR), OpenAI-hosted containers aren't available, so hosted shell can't run in ZDR mode. Hosted shell and Code Interpreter work with Modified Abuse Monitoring (MAM) instead.

~~468~~

469If you need shell execution while using ZDR, use [local shell mode](#local-shell-mode) so commands run in infrastructure you manage.

~~470~~

471For data controls details, see [ZDR and data residency](https://developers.openai.com/api/docs/guides/your-data).

~~472~~

473Hosted shell uses the same container lifecycle as Code Interpreter. Treat hosted containers as ephemeral and store any data you need on your own systems. Files and artifacts created or uploaded in hosted shell live in the container filesystem (for example, under `/mnt/data`) while the container is active so you can reuse the container and download artifacts.

~~474~~

475- A hosted shell container expires after 20 minutes of inactivity. Download any files you need while the container is active. When the container expires, OpenAI discards the container data and you can't recover it.

476- You can't reactivate an expired container. Create a new container and upload files again.

~~477~~

478## Shell output in Responses624## Shell output in Responses

479 625

480Hosted shell and local shell use the same output item types. Shell runs are represented by paired output items:626Hosted shell and local shell use the same output item types. Shell runs are represented by paired output items:

guides/tools-skills.md +1 −1

Details

234 234

235#### Validate data residency and retention requirements235#### Validate data residency and retention requirements

236 236

237We support Skills in two form factors: local execution and hosted container-based execution. Skills running in OpenAI hosted containers can't be used when Zero Data Retention is enabled. Read more about our [data controls](https://developers.openai.com/api/docs/guides/your-data).

237We support Skills in two form factors: local execution and hosted container-based execution. Hosted skills follow the same container lifecycle as hosted shell: mounted skills and container files remain available while the container is active and are discarded when the container expires or is deleted. If you want execution to stay entirely on infrastructure you manage, use local shell mode. Read more about our [data controls](https://developers.openai.com/api/docs/guides/your-data).

guides/your-data.md +3 −2

Details

78- Audio outputs application state is stored for 1 hour to enable [multi-turn conversations](https://developers.openai.com/api/docs/guides/audio).78- Audio outputs application state is stored for 1 hour to enable [multi-turn conversations](https://developers.openai.com/api/docs/guides/audio).

79- When Zero Data Retention is enabled for an organization, the `store` parameter will always be treated as `false`, even if the request attempts to set the value to `true`.79- When Zero Data Retention is enabled for an organization, the `store` parameter will always be treated as `false`, even if the request attempts to set the value to `true`.

80- See [image and file inputs](#image-and-file-inputs).80- See [image and file inputs](#image-and-file-inputs).

81- Extended prompt caching requires storing key/value tensors to GPU-local storage as application state. This storage requirement means that requests leveraging extended prompt caching are not Zero Data Retention eligible. To learn more, see the [prompt caching guide](https://developers.openai.com/api/docs/guides/prompt-caching#prompt-cache-retention).81- Extended prompt caching requires storing key/value tensors to GPU-local storage as application state. This data is stored on the local GPU machines and is not retained after the 24 hour data expiration. To learn more, see the [prompt caching guide](https://developers.openai.com/api/docs/guides/prompt-caching#prompt-cache-retention).

82 82

83#### `/v1/responses`83#### `/v1/responses`

84 84

89- See [image and file inputs](#image-and-file-inputs).89- See [image and file inputs](#image-and-file-inputs).

90- MCP servers (used with the [remote MCP server tool](https://developers.openai.com/api/docs/guides/tools-remote-mcp)) are third-party services, and data sent to an MCP server is subject to their data retention policies.90- MCP servers (used with the [remote MCP server tool](https://developers.openai.com/api/docs/guides/tools-remote-mcp)) are third-party services, and data sent to an MCP server is subject to their data retention policies.

91- OpenAI-hosted containers cannot be used when Zero Data Retention is enabled. [Hosted Shell](https://developers.openai.com/api/docs/guides/tools-shell#hosted-shell-quickstart) and [Code Interpreter](https://developers.openai.com/api/docs/guides/tools-code-interpreter) can be used with [Modified Abuse Monitoring](https://developers.openai.com/api/docs/guides/your-data#modified-abuse-monitoring) instead.91- OpenAI-hosted containers cannot be used when Zero Data Retention is enabled. [Hosted Shell](https://developers.openai.com/api/docs/guides/tools-shell#hosted-shell-quickstart) and [Code Interpreter](https://developers.openai.com/api/docs/guides/tools-code-interpreter) can be used with [Modified Abuse Monitoring](https://developers.openai.com/api/docs/guides/your-data#modified-abuse-monitoring) instead.

92- Hosted containers used by [Hosted Shell](https://developers.openai.com/api/docs/guides/tools-shell#hosted-shell-quickstart) and [Code Interpreter](https://developers.openai.com/api/docs/guides/tools-code-interpreter) may write temporary application state to the container filesystem (backed by ephemeral block storage) while the container is active. Container data is deleted when the container expires or is explicitly deleted.

92- Extended prompt caching requires storing key/value tensors to GPU-local storage as application state. This storage requirement means that requests leveraging extended prompt caching are not Zero Data Retention eligible. To learn more, see the [prompt caching guide](https://developers.openai.com/api/docs/guides/prompt-caching#prompt-cache-retention).93- Extended prompt caching requires storing key/value tensors to GPU-local storage as application state. This storage requirement means that requests leveraging extended prompt caching are not Zero Data Retention eligible. To learn more, see the [prompt caching guide](https://developers.openai.com/api/docs/guides/prompt-caching#prompt-cache-retention).

93- For server-side compaction, no data is retained when `store="false"`.94- For server-side compaction, no data is retained when `store="false"`.

94- We support [Skills](https://developers.openai.com/api/docs/guides/tools-skills) in two form factors, both local execution and hosted container-based execution. Skills running in OpenAI-hosted containers cannot be used when Zero Data Retention is enabled.95- We support [Skills](https://developers.openai.com/api/docs/guides/tools-skills) in two form factors, both local execution and hosted container-based execution. Hosted skills follow the same container lifecycle as hosted shell: mounted skills and container files remain available while the container is active and are discarded when the container expires or is deleted.

95- Data transmitted to third-party services over network connections is subject to their data retention policies.96- Data transmitted to third-party services over network connections is subject to their data retention policies.

96 97

97#### `/v1/assistants`, `/v1/threads`, and `/v1/vector_stores`98#### `/v1/assistants`, `/v1/threads`, and `/v1/vector_stores`

Documentation 2026-04-01 05:53 UTC to 2026-04-07 05:51 UTC