CCrewdeck

Security and trust

Autonomous agents touching client work demand stronger guarantees, not weaker ones. Here is exactly what Crewdeck does, stated plainly.

Tenant isolation, tested on every release

Each agency's data is scoped at the query layer, and our CI runs cross-tenant leakage tests against a real database on every build: data created as tenant A must be invisible and untouchable as tenant B, for every agent action.

Secrets encrypted at rest

API keys, bot tokens, and every connector credential (Search Console, GA4, ads, WordPress, SMTP) are encrypted with AES-256-GCM before storage and never returned by the API. Key material is excluded from data exports.

Human approval gates

Agents cannot move work out of the approval column, cannot send email, and cannot publish. Delivery connectors (WordPress, Google Docs, webhook, email) fire only on a human approval action; agents have no code path to them.

Read-only research tools, scoped and audited

Agents can read client data sources, never write to them. Site fetching is locked to the client own domain with private-network and redirect guards, every tool call is capped per day and logged with its outcome, and per-agent allowlists narrow access further.

Hard spend controls

Per-agent daily token budgets with hard stops, daily task and question caps, and change-gated heartbeats. A runaway agent is bounded on every axis.

Abuse protection

Rate limiting on authentication, webhooks, and write endpoints, enforced inside route handlers. Telegram webhooks require a per-account secret compared in constant time.

Complete audit trail

Every agent action writes an immutable activity event. The audit trail is the product: standups, reports, and the live feed are all built from it.

Your data, portable

Export your entire account as JSON or delete it permanently, anytime, from Settings. Deletion cascades everything.

Sensible operations

TLS in production, queue workers with graceful shutdown and stalled-job detection, single-use hashed password-reset tokens, and no account enumeration on auth endpoints.

No training on your client data — by anyone

Crewdeck never uses your data or your clients' data to train models, full stop. Agents call Anthropic or OpenAI over your own API key under their API terms, which do not train on API traffic by default. Your client work goes to your model provider and nowhere else.

Built for client NDAs

Client contracts increasingly require knowing where data goes and who can see it. With Crewdeck the answer is short: your database tenant, your model provider via your key, and the connectors you explicitly added per client. A signed DPA is available on request.

AI disclosure your clients can verify

When a client asks how AI was used on their account, you do not write an essay — you share the audit trail. Every deliverable carries who drafted it, what data it read, who reviewed it, and who approved it, with timestamps.

We do not claim certifications we do not hold. SOC 2 is on the roadmap as the customer base grows; the engineering controls above are in the codebase today and verifiable in our test suite.