Install Crawdad

Crawdad is a small security program that runs on your machine. It sits between your AI agents and the upstream LLMs and inspects every request through a 7-layer detection pipeline before it's forwarded. Only signed metering packets (Ed25519-signed, content-free) transmit upstream. Raw prompts, responses, and action parameters never leave your machine — enforced by architecture, not policy.

🛡️

Blocks prompt injection attacks

Catches direct and indirect injection before the LLM sees the request.

🔒

Prevents credential and PII exfiltration

Scans outbound responses for API keys, secrets, internal URLs, and 15 PII categories.

📋

Tamper-evident audit log

Every decision recorded locally in a SHA-256 Merkle-chained, Ed25519-signed audit trail.

How to install

macOS

Linux

Windows

Open Terminal — press Cmd+Space, type "Terminal", press Enter.

Paste this command and press Enter:

curl -fsSL https://getcrawdad.dev/install.sh | sh

You may be prompted for your Mac password — this is normal. The installer writes the signed binary to /usr/local/bin/crawdad-sidecar and registers a LaunchAgent that starts automatically at login.

Point your agent at the proxy:

export ANTHROPIC_BASE_URL=http://localhost:7748

Open the dashboard at http://localhost:7750. Click Run Test Battery to verify the detection pipeline.

Apple Silicon (ARM64) ships full ML detection — the sidecar downloads the model and libonnxruntime in the background after install, then activates on the next restart. Reproducible score: 99.80% detection / 0% FP on the open 497-attack / 1,172-negative benchmark. Intel Macs run pattern-only because upstream ONNX Runtime has no 1.24+ x86_64-apple-darwin wheel. Full notes at Getting Started.

Install with one command:

curl -fsSL https://getcrawdad.dev/install.sh | sh

The installer prompts for sudo once to register the systemd user unit at /etc/systemd/system/crawdad-sidecar.service.

Point your agent at the proxy:

export ANTHROPIC_BASE_URL=http://localhost:7748

Open the dashboard at http://localhost:7750. Click Run Test Battery to verify detection.

Linux x86_64 and Linux ARM64 both ship full ML detection — the sidecar auto-fetches the platform-specific libonnxruntime 1.24.4 tarball along with the model on first run, then activates ML on the next restart. Reproducible score: 99.80% detection / 0% FP on the open 497-attack / 1,172-negative benchmark.

Or download the signed binary directly:

Linux x86_64 AMD/Intel Linux ARM64 Raspberry Pi / AWS Graviton

Download the Windows binary (unsigned, pattern-only):

Download for Windows x86_64

Or use WSL (Windows Subsystem for Linux) — recommended for the automated install flow:

curl -fsSL https://getcrawdad.dev/install.sh | sh

Point your agent at the proxy:

export ANTHROPIC_BASE_URL=http://localhost:7748

Windows signing is post-launch work. Until then the binary is unsigned and Windows SmartScreen will prompt on first run. WSL is the recommended path.

After installing

Open the local dashboard at http://localhost:7750 to see every request inspected, per-layer decisions, and the continuous red team trend. Or see the cloud dashboard for fleet and billing views.