FeaturesHow it worksPricingFAQSee demoJoin Waitlist

Security at ClawTrait

Data Handling

ClawTrait collects agent telemetry data including task completion rates, token usage, latency metrics, and behaviour drift signals. All telemetry is aggregated and anonymized before storage. Raw event data is retained for 90 days, after which it is rolled up into aggregate metrics.

Encryption

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). API keys and credentials are stored using industry-standard secret management.

Infrastructure

Hosted on European infrastructure. Application containers are isolated per deployment. No shared tenancy between customers.

Access Control

Telemetry ingestion uses scoped API keys per agent. Dashboard access is role-based with team-level permissions. Telemetry data from one workspace is never visible to another. API keys can be rotated at any time from the dashboard.

Compliance Roadmap

  • SOC 2 Type I — targeting Q3 2026
  • GDPR — compliant by design (EU hosting, data minimization, right to deletion)

Responsible Disclosure

Found a vulnerability? Email security@clawtrait.com. We respond within 48 hours.

Questions

For security inquiries, contact security@clawtrait.com.