Crawdad uses zero-knowledge architecture — we derive your encryption keys from your master password, which we never store. We cannot read your data even if compelled legally. All connections use mutual TLS with post-quantum cryptography (CRYSTALS-Kyber1024, NIST FIPS 203). Your data is encrypted at rest and in transit.
Crawdad sees the content of messages your agent sends and receives, the actions your agent attempts to take, and the responses it generates — because that's what we're scanning for threats. We never store the content of messages beyond the retention window (7 days on free tier, 30 days on paid tiers). We never use your data to train models.
Yes. The Crawdad Secure Agent package runs entirely on your own infrastructure. Your data never touches our servers. Download the installer at getcrawdad.dev.
The Crawdad SDK has a configurable fail-open/fail-closed mode. Fail-open: if Crawdad is unreachable, your agent continues running unprotected with a warning logged. Fail-closed: if Crawdad is unreachable, your agent stops until connectivity is restored. You choose which is appropriate for your use case. Our uptime SLA is 99.9% on paid tiers.
Under 10ms p99 for firewall scans on the API tier. Under 2ms on self-hosted deployments. We measure and publish our actual latency at getcrawdad.dev/status.
Cancel anytime from your dashboard. No cancellation fees. Your data is available for export for 30 days after cancellation. After 30 days it is permanently deleted.
The Crawdad API is closed source (BSL 1.1 — same model as HashiCorp Vault). The OpenClaw skill is fully open source (Apache 2.0) at github.com/AndrewSispoidis/crawdad-openclaw — you can read exactly what it does before installing. A professional security audit by an independent firm is planned for Q3 2026 and will be published publicly.
Crawdad was built by Andrew Sispoidis, founder of Kynismos AI. Andrew has founded seven companies with four exits and over $250M raised. Crawdad is built with Rust for memory safety, uses only audited cryptographic libraries, and has 665+ tests. Get in touch via the contact form at getcrawdad.dev
Yes. The air-gap deployment package runs with zero external network dependencies. It has been designed for classified environments with full post-quantum cryptography and an immutable cryptographic audit log suitable for compliance requirements. Get in touch via the contact form at getcrawdad.dev for details.
OpenClaw, Claude Code, Claude CoWork, LangChain, CrewAI, AutoGen, and any agent framework via the REST API or Python SDK.