Terms of Service

Last updated: April 16, 2026

Agreement to terms

By downloading, installing, accessing, or using Crawdad software or services ("the Service"), you agree to be bound by these Terms of Service ("Terms"). If you are using the Service on behalf of an organization, you represent that you have authority to bind that organization to these Terms.

Description of service

Crawdad is a locally-installed runtime security tool for AI agents. The Service includes the Crawdad sidecar binary, embedded dashboard, gateway-hosted account and billing services, threat signature updates, and associated documentation. The sidecar operates on your local machine; only signed metering packets (event counts, Ed25519-signed) transmit upstream. See the Privacy Policy for the full outbound call inventory.

Important disclaimers about security

THE SERVICE IS A SECURITY DETECTION AND ENFORCEMENT TOOL. IT IS DESIGNED TO BLOCK AND DETECT THREATS BUT DOES NOT AND CANNOT GUARANTEE THE PREVENTION OF ALL SECURITY INCIDENTS. SPECIFICALLY:

License and permitted use

The Service is licensed under the Business Source License 1.1 (BSL 1.1). Under BSL 1.1: the Service may be used for non-production and evaluation purposes without a paid license. Production use requires a paid subscription above the Free tier. The license converts to Apache 2.0 four years after each version's release date.

You may not:

Paid subscriptions

Paid plans (Pro, Team, Business, Enterprise) are billed monthly through Stripe. Plans are defined by the number of protected agents and a fair-use request cap. You may cancel at any time via the Stripe Customer Portal; cancellation takes effect at the end of the current billing period and moves your account to the Free tier.

30-day money-back for new subscribers. If you subscribe to a paid plan and are unsatisfied, email contact@getcrawdad.dev within 30 days of your first payment and we will refund the initial subscription charge. One 30-day money-back window per customer. This does not apply to subsequent billing periods or to annual plans beyond the first month.

We do not otherwise offer prorated refunds for partial billing periods.

Fair-use behavior. Crawdad never stops protecting. If usage approaches your plan's request cap, Crawdad surfaces a dashboard banner at 80%, sends an email at 100%, and accrues a small overage (priced so upgrading is always cheaper) past 150%. The full 7-layer detection pipeline continues to run. Security is never degraded based on billing state.

Payment failure. If a subscription payment fails, we attempt re-authorization per Stripe's standard dunning cycle. If the account remains unpaid at the end of that cycle, the account reverts to the Free tier (full detection pipeline, 1 agent, 50K requests per month fair-use). We do not downgrade detection capability or stop protection at any tier.

Prices may change with 30 days' advance notice by email to the account holder.

Fleet management

When fleet reporting is enabled, device-level posture metadata is transmitted to the fleet manager endpoint you configure. This metadata includes device ID, hostname, version, security score, detection counts (blocked/flagged), agent counts, plan, and policy hash. It does not include session content, prompts, responses, tool-call arguments, or any data processed by the detection pipeline. You are responsible for the security of your fleet manager endpoint and for informing team members that posture metadata is being collected.

Developer SDK and OEM use

The SDK scan endpoint (/api/v1/sdk/scan) is included on Pro tier and above for use within your own applications. Embedding Crawdad's detection capabilities into a product or service offered to third parties constitutes OEM use and requires a Business tier subscription or a separate OEM agreement. Contact contact@getcrawdad.dev for OEM licensing terms.

Your data and privacy

Your use of the Service is also governed by our Privacy Policy. In summary: raw prompts, responses, action parameters, and PII never leave your machine. Only signed metering packets (event counts, Ed25519-signed, sequence-numbered) transmit upstream. There is one opt-in exception (the L7 remote LLM-critic, disabled by default) where content excerpts can be sent to an external AI provider for analysis; see the Privacy Policy for the full disclosure.

Your responsibilities

Intellectual property

The Service, including its source code, documentation, threat signatures, trained ML model weights, attack corpora, and branding, is the intellectual property of Crawdad. The BSL 1.1 license grants you specific usage rights. Threat signatures and reference data incorporated from public sources (e.g., NVD, public OSS repositories) remain subject to their original licensing.

Your local data — your configuration, audit log, session database, and any policies you author — remains your property. Crawdad does not assert ownership over any data the Service stores locally on your machine.

Warranty disclaimer

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED. TO THE FULLEST EXTENT PERMITTED BY LAW, WE DISCLAIM ALL WARRANTIES, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. WE DO NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, OR COMPLETELY SECURE. WE DO NOT WARRANT THAT THE SERVICE WILL DETECT ALL SECURITY THREATS OR PREVENT ALL SECURITY INCIDENTS.

Limitation of liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW: (A) IN NO EVENT SHALL CRAWDAD BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING LOSS OF DATA, LOSS OF REVENUE, SECURITY BREACHES, OR DAMAGES ARISING FROM ATTACKS THE SERVICE FAILED TO DETECT. (B) TOTAL AGGREGATE LIABILITY SHALL NOT EXCEED THE GREATER OF THE AMOUNT PAID IN THE TWELVE MONTHS PRECEDING THE CLAIM OR ONE HUNDRED US DOLLARS ($100). (C) THESE LIMITATIONS APPLY REGARDLESS OF THE THEORY OF LIABILITY AND EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Indemnification

You agree to indemnify, defend, and hold harmless Crawdad from any claims, damages, losses, liabilities, and expenses arising from: (a) your use of the Service, (b) your violation of these Terms, (c) your violation of any applicable law, or (d) any security incident regardless of whether the Service detected or failed to detect it.

Modifications to the service

We reserve the right to modify, update, or discontinue any aspect of the Service at any time. For material changes that affect paid subscribers, we will provide at least 30 days' notice by email.

Termination

You may stop using the Service at any time by uninstalling the sidecar. We may terminate or suspend access to paid features for non-payment, violation of these Terms, or if required by law.

Upon termination: your local sidecar data (audit.db, sessions.db, policies) remains on your machine and is fully accessible. For account-level data we hold (email, tenant ID, metering history), we will provide a JSON export on request for 30 days following termination, after which the data is deleted per the retention schedule in the Privacy Policy.

Governing law and dispute resolution

These Terms are governed by the laws of the State of New York, United States, without regard to conflict of law principles. Any dispute shall first be subject to good faith negotiation for 30 days. If not resolved, disputes shall be resolved through binding arbitration administered by JAMS under its Streamlined Arbitration Rules, conducted in New York, New York.

Severability

If any provision is found unenforceable, the remaining provisions continue in full force.

Entire agreement

These Terms, together with the Privacy Policy, constitute the entire agreement between you and Crawdad regarding the Service.

Contact

contact@getcrawdad.dev